General

  • Target

    63f6744d66d7b0c265c49b9c0925c6e8376eee89babb91c04412e348d577a5e0

  • Size

    87KB

  • Sample

    240305-z1mezaad87

  • MD5

    ab639eb2eecd4b4724a4920128ae5c7e

  • SHA1

    fc8a04433be9a046a02e86e1c7d444ff33521836

  • SHA256

    63f6744d66d7b0c265c49b9c0925c6e8376eee89babb91c04412e348d577a5e0

  • SHA512

    5dc4d1329c64c072d206e4d834291fbc54fb68b2924aa99e260e069f7c588d9396dfed291fba80ebd8ff49fa254f1479e6714cbe18973c05ad5066bd95c19cfa

  • SSDEEP

    1536:1a3+ddygX7y9v7Z+NoykJHBOAFRfBjG3ldoIy:08dfX7y9DZ+N7eB+IIy

Score
10/10

Malware Config

Targets

    • Modifies WinLogon for persistence

    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks