General

  • Target

    brainsense.exe

  • Size

    2.0MB

  • Sample

    240310-2b4dasdd3x

  • MD5

    a38d2cd45857238391bdbe34b1a9729c

  • SHA1

    f87a12b7bcdf981909408b91ee25521604ca451f

  • SHA256

    f2c3dd28530a832dc3091a735311e258b02c304e5ed8d3e5ac9e09bbcd562716

  • SHA512

    ac0c91c12a63a376d6d6f93e744269341c71cdba07ecf337cecc04d3e95e1c3bab16190bdcc576b7bde34b116604e80fc0805277b43ea8fab4314499494fe218

  • SSDEEP

    49152:wIqRZxAFaCBUuGSWiGTO5Bqgwgk+V8uD:cZ/OUuGSzjq

Targets

    • Target

      brainsense.exe

    • Downloads MZ/PE file

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Registers COM server for autorun

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

    • Checks system information in the registry

      System information is often read in order to detect sandboxing environments.

    • Suspicious use of NtCreateThreadExHideFromDebugger

    • Suspicious use of NtSetInformationThreadHideFromDebugger
