Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

b3c302e71d...9b.exe

windows7-x64

8

b3c302e71d...9b.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b3c302e71dd1fecbfa70ac49d1a0b3bc773d4c8173fa2b5c25d5e547ce36d39b

  • Size

    84KB

  • Sample

    240307-ype13sdc6x

  • MD5

    56177e87c4e684efe7fcdd9f0a143765

  • SHA1

    5e8af71204c42ce90b7aab50e2c96681520c1a69

  • SHA256

    b3c302e71dd1fecbfa70ac49d1a0b3bc773d4c8173fa2b5c25d5e547ce36d39b

  • SHA512

    681bede282a4f9ccb4a926013081d4888e3581873cc3374a71884fcb42d815f5cebce404a3bbfb061b943da43bd31f77b28f5d0c6bb47a82f49364fcf08475ee

  • SSDEEP

    1536:+azWlKzJVcNp++yQNS6xNNCT2l8NE8llbpTaCJRpsWr6cdaQTJSvYYS7Q8xg:yFNpo6rIKlUE8fbkqRfbaQlaYYSg

Score
8/10
persistence

Malware Config

Targets

    • Target

      b3c302e71dd1fecbfa70ac49d1a0b3bc773d4c8173fa2b5c25d5e547ce36d39b

    • Size

      84KB

    • MD5

      56177e87c4e684efe7fcdd9f0a143765

    • SHA1

      5e8af71204c42ce90b7aab50e2c96681520c1a69

    • SHA256

      b3c302e71dd1fecbfa70ac49d1a0b3bc773d4c8173fa2b5c25d5e547ce36d39b

    • SHA512

      681bede282a4f9ccb4a926013081d4888e3581873cc3374a71884fcb42d815f5cebce404a3bbfb061b943da43bd31f77b28f5d0c6bb47a82f49364fcf08475ee

    • SSDEEP

      1536:+azWlKzJVcNp++yQNS6xNNCT2l8NE8llbpTaCJRpsWr6cdaQTJSvYYS7Q8xg:yFNpo6rIKlUE8fbkqRfbaQlaYYSg

    Score
    8/10
    persistence

    • Downloads MZ/PE file

    • Manipulates Digital Signatures

      Attackers can apply techniques such as changing the registry keys of authenticode & Cryptography to obtain their binary as valid.

    • Sets service image path in registry

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks