General
Target: ModuloDigitalizacao_v4.3.2.exe
Size: 63.3MB
Sample: 240315-var6badd2y
MD5: 6c4ef492797a02a61a376472cd163eab
SHA1: fb72b5677208144187c800bb2f0f930c9c213e01
SHA256: 4f1a0c7cd329d8fd5be9e284879931d976461fe49ea1cd346531ed10abd713bc
SHA512: 8faa936c0511319ea8947dd6d6c34e76c4fe91b29b3dba212a567f271cab34c9489e0bdb0d3fcd4be49407908a8d8a408387c395188aaf4bac171967aa018b77
SSDEEP: 1572864:FaMDboCIcSHfdJU3YO6bj2Npgd6uEJ2L/NEN:FnboDH7U3YOot6bJ2BEN
Static task: static1
Behavioral task: behavioral1
Sample: ModuloDigitalizacao_v4.3.2.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: ModuloDigitalizacao_v4.3.2.exe
Score: 8/10

Manipulates Digital Signatures
Attackers can apply techniques such as changing the Authenticode and cryptography registry keys to make their binary appear validly signed.

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.

Modifies Installed Components in the registry

Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.

Drops file in System32 directory

MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 2
Registry Run Keys / Startup Folder: 2
Defense Evasion
Modify Registry: 2
Subvert Trust Controls: 1
SIP and Trust Provider Hijacking: 1