General

  • Target

    ModuloDigitalizacao_v4.3.2.exe

  • Size

    63.3MB

  • Sample

    240315-var6badd2y

  • MD5

    6c4ef492797a02a61a376472cd163eab

  • SHA1

    fb72b5677208144187c800bb2f0f930c9c213e01

  • SHA256

    4f1a0c7cd329d8fd5be9e284879931d976461fe49ea1cd346531ed10abd713bc

  • SHA512

    8faa936c0511319ea8947dd6d6c34e76c4fe91b29b3dba212a567f271cab34c9489e0bdb0d3fcd4be49407908a8d8a408387c395188aaf4bac171967aa018b77

  • SSDEEP

    1572864:FaMDboCIcSHfdJU3YO6bj2Npgd6uEJ2L/NEN:FnboDH7U3YOot6bJ2BEN

Targets

    • Target

      ModuloDigitalizacao_v4.3.2.exe

    • Manipulates Digital Signatures

      Attackers can use techniques such as changing the Authenticode and Cryptography registry keys so that their binary is treated as valid.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Modifies Installed Components in the registry

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops file in System32 directory
