General

  • Target

    ec42e1562fab95d0fbc86b3980cc392e368b50a4a150a2258d4293e4de1bc730

  • Size

    829KB

  • Sample

    240410-r5prwseg7w

  • MD5

    c3eb3cfd10be2d0351ab73466c10e956

  • SHA1

    cd587f71d861f501f5bca39aa17a0069b2488d1e

  • SHA256

    ec42e1562fab95d0fbc86b3980cc392e368b50a4a150a2258d4293e4de1bc730

  • SHA512

    0503ab3bb164d2df30552f327ac13d4a99a3cb3e818c2fbd3e776e4c6db60dea44ae2a27a045e0638fa003b01ce0e0a59bf9e345f12d25f32f4c09af337f5c9f

  • SSDEEP

    12288:+dn9cS78n8E8vNLDoOe+haIpI9hzGiMTt2CJt/siQ529loXi3ZVNp1vH/MNSMGj:+dx8uNLsbyax9hzvCbsiQUyX4THr

Score
7/10

Targets

    • Deletes itself

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Modifies init.d

      Adds/modifies system service, likely for persistence.

    • Writes file to system bin folder
