General

  • Target

    acabed941479768651f6fe6a9fac201c

  • Size

    458KB

  • Sample

    240228-x8drpabh8z

  • MD5

    acabed941479768651f6fe6a9fac201c

  • SHA1

    3da8663a6aa45480d86ff451634a00d5aed76917

  • SHA256

    a3d86c5177e6aca6bdb99b52c0e0424645a362ccd31c4c1698581cfc4fc41160

  • SHA512

    68e15101718478e7be568b33c23bcbe5dc6319ffc21dc1256e089ad8023c93f33515ac4570d0338c177fccd5c6d666a5ce496cc677b571c7dd313ffdeda76f78

  • SSDEEP

    6144:2YWGHdSkJdlTQm2PdLFeV4H3T9rOOQM48rA8H74rHYaWqiqTAFVDsCXvxUt:pIyqm+lFtH3BzlA+KUq0LDsavat

Targets

    • Target

      acabed941479768651f6fe6a9fac201c

    • Disables Task Manager via registry modification

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.
