General

  • Target

    a40d521687543ade199a9960bae3b821

  • Size

    34KB

  • Sample

    240225-r4q9bsea44

  • MD5

    a40d521687543ade199a9960bae3b821

  • SHA1

    cb548e67b03204403da4bf82cf3c2dc58df35302

  • SHA256

    19bbbe3c06aa6a6940fbf4c971193eae81367a85695f029219a017f02af27534

  • SHA512

    d242ab1b09141e662ed9595c73e5658298d3e969254429a19b61dbfd7bcf61876fb7677d5649fdfffd3cb2dcbc74789e76d8b95b88aec8d5ba4d086fe66bdd96

  • SSDEEP

    768:UbWMezBoePQ2nl+sftNZZ4DIjpD1ywVneyMoXmFNT3KW9Gg:L/Boy+sfthdjpowVJMoXmFR6W9x

Score
8/10

Targets

    • Adds policy Run key to start application

    • Deletes itself

    • Loads dropped DLL

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Suspicious use of SetThreadContext
