Resubmissions

27/03/2024, 15:17

240327-sn4edsab21 8

27/03/2024, 15:01

240327-sec6vaef54 8

27/03/2024, 15:00

240327-sdj8rsef32 3

General

  • Target

    MDE_File_Sample_e1f5b43b5a5feb40d557f6eb925b868a560a430c.zip

  • Size

    46KB

  • Sample

    240327-sn4edsab21

  • MD5

    9a639cdcc22bf377977232b95636d9de

  • SHA1

    c160ed42bfcd1ca4581662fcc5c023a7c1946fe5

  • SHA256

    bb7312ad8dba9f8436d783d46df5ce59a0255ecf113d68585c5bebf14671ab86

  • SHA512

    d430d3080db5034952ef95e79046f5b633b43c20f0d2c7357908f64a9347066946e6a73b6c36cb56620d6f3d093b7db3746f7e1b4c10d089b845026c0c907090

  • SSDEEP

    768:1aohavmnfUR2OHBgVYBbUZEnaQlglNnwLYKeMp/4ih/XGbbaq9Wo87ij+OPZ+Yly:8K3nfUR2uuZXQl8NnwzX/X2bHWoyS+CU

Score
8/10

Malware Config

Targets

    • Target

      SSA-taxID-351788.exe

    • Size

      84KB

    • MD5

      6fbb5177c1783b1a798b116887307962

    • SHA1

      e77ad960baea0c7c882ba91ddcc5848a479e91c2

    • SHA256

      4443b89e20c8ad7df0158ebeb2bb0266951ea1885aec2a1f8e7011ba275a1682

    • SHA512

      a64684c80c7d9840375f05eb491dacc2685ed02a6612f3f5fc4f3bdaeb6da774da65fb0a550ef2343511bd58e2f0105d468f9454c4fa44512116c34858217a85

    • SSDEEP

      1536:+azWlKzJVcNp++yQNS6xNNCT2l8NE8llbpTaCJRpsWr6cdaQTJSvYYS7Q8xm:yFNpo6rIKlUE8fbkqRfbaQlaYYSm

    Score
    8/10
    • Downloads MZ/PE file

    • Manipulates Digital Signatures

      Attackers can use techniques such as changing the Authenticode and cryptography registry keys to make their binary appear validly signed.

    • Sets service image path in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks