General

  • Target

    44e593c98acaf52aee91c09fe00fa196668351783fc8a623fc1da5325635130f.zip

  • Size

    11KB

  • Sample

    240402-mnj3vsfg37

  • MD5

    31f1b8fea2aef6fb629707e75fbe942d

  • SHA1

    969161f0e7a2743b279a8f62a5f99a6312397e78

  • SHA256

    8e6eb738678c96e30e5411408c9f5e6640c7bf7d645ac796ecd5c2cb7607e1c7

  • SHA512

    911971d264ddedd264070ad2cd7740e88b32132dea4eb3624e0e6e2bcda9a5f91affc74330b0446bc510d87a93c1fe38cd8fa65442ac36a0581232251b848990

  • SSDEEP

    192:1Fv4KL8Enx1pdPGjamOgaTlvjntxmCrjpDOG1Y42OyS6fayV9ZH5:XvbXx1pdPGOmO/bnDmCrTu4+S8BvZH5

Targets

    • Target

      44e593c98acaf52aee91c09fe00fa196668351783fc8a623fc1da5325635130f.doc

    • Size

      39KB

    • MD5

      eac138b49c6f90896c9af5cbc8fe38b8

    • SHA1

      c44a683c787c1d9f2ed1a016d9bd5bda3275342f

    • SHA256

      44e593c98acaf52aee91c09fe00fa196668351783fc8a623fc1da5325635130f

    • SHA512

      a6b4ec448b8151ed5af7ede720340829cd39b3ced230fe16a5c7b3c86f67ac5cf4c8d94f7899564c884b0607f0881ce40442672965b4b2addc83b95c2f2b627a

    • SSDEEP

      384:t68NWgtQziS8px8SMDVvHLZTlteZoN0j:t68N5X3y9HH

    Score: 10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Modifies Installed Components in the registry

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
