Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

c443c82176...40.exe

windows7-x64

10

c443c82176...40.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c443c821763ea57da3197d56a7ed8c40

  • Size

    760KB

  • Sample

    240312-2c9lpsce2s

  • MD5

    c443c821763ea57da3197d56a7ed8c40

  • SHA1

    02cb4f9cc8985d5fd25d793fc486075b890983a4

  • SHA256

    1de09be03f53680ccc1b1420802c16ba773df83911814793e59cef53677dbdc8

  • SHA512

    3d389c799edcc4730fd065807ec22e23f2684d76fd9866e7dc3495766528c6b1ecb916d547525a45673d1ee5ab6e4a8fa62351702ab11fd50e1818d047ec61f9

  • SSDEEP

    12288:UZWtI6RkeeZJys73dOvXDpNjNe8NeZJys73dOvXDpNjNe8TOB0heZJys73dOvXD2:UuhaeeZJ8NI8NeZJ8NI8TOieZJ8NI8K

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      c443c821763ea57da3197d56a7ed8c40

    • Size

      760KB

    • MD5

      c443c821763ea57da3197d56a7ed8c40

    • SHA1

      02cb4f9cc8985d5fd25d793fc486075b890983a4

    • SHA256

      1de09be03f53680ccc1b1420802c16ba773df83911814793e59cef53677dbdc8

    • SHA512

      3d389c799edcc4730fd065807ec22e23f2684d76fd9866e7dc3495766528c6b1ecb916d547525a45673d1ee5ab6e4a8fa62351702ab11fd50e1818d047ec61f9

    • SSDEEP

      12288:UZWtI6RkeeZJys73dOvXDpNjNe8NeZJys73dOvXDpNjNe8TOB0heZJys73dOvXD2:UuhaeeZJ8NI8NeZJ8NI8TOieZJ8NI8K

    Score
    10/10
    evasionpersistence

    • Modifies visibility of file extensions in Explorer

      evasion

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

      evasion

    • Sets file execution options in registry

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks