General

  • Target

    44e593c98acaf52aee91c09fe00fa196668351783fc8a623fc1da5325635130f.zip

  • Size

    11KB

  • Sample

    240402-l5aebaea6z

  • MD5

    e722907e40d7aba7a0f42c99c19c9acc

  • SHA1

    a8088eb05aadfca1045db26a3be3f220bfed13df

  • SHA256

    c633eafc9590bd4bb6c902e10c452542ed4dfb0f741666a3af6666cee1b7296d

  • SHA512

    ae765617b06940116166ac52b7731dec625a7aea1f7d7db0c43ffd9c1430a28c04c0fb689df74a13c7ccd04003fd46826f8877ddcc74e7c093f1a57ec74cc632

  • SSDEEP

    192:LmXcGcJB1V5Ka/AJk9LFTCRauh+6IufKmiizWECZeYQ0QJ5SpCZ1:yMGcJvTok9LFTYa++6IcKmxhY7QJ5SpW

Targets

    • Target

      44e593c98acaf52aee91c09fe00fa196668351783fc8a623fc1da5325635130f.doc

    • Size

      39KB

    • MD5

      eac138b49c6f90896c9af5cbc8fe38b8

    • SHA1

      c44a683c787c1d9f2ed1a016d9bd5bda3275342f

    • SHA256

      44e593c98acaf52aee91c09fe00fa196668351783fc8a623fc1da5325635130f

    • SHA512

      a6b4ec448b8151ed5af7ede720340829cd39b3ced230fe16a5c7b3c86f67ac5cf4c8d94f7899564c884b0607f0881ce40442672965b4b2addc83b95c2f2b627a

    • SSDEEP

      384:t68NWgtQziS8px8SMDVvHLZTlteZoN0j:t68N5X3y9HH

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Modifies Installed Components in the registry

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
