Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

06f1db7e2d...56.exe

windows7-x64

10

06f1db7e2d...56.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    06f1db7e2d13b39634d840cdd5fdf8620d7b8055daa0c99b59a35f493e045b56

  • Size

    2.8MB

  • Sample

    240417-m381jaec8x

  • MD5

    f310ba4fb49fc16adcdbf496cf10d0b9

  • SHA1

    da20ab2693953887be2733463dd611fb7a663fb5

  • SHA256

    06f1db7e2d13b39634d840cdd5fdf8620d7b8055daa0c99b59a35f493e045b56

  • SHA512

    6f00d2814f3d0f9f005fe8418c8e0a8984e122a4936afa77b95890d8b0885e9f613df5fc4183eace60492ceb15d4e91e6775e77bebf38c9b7e6e76cb44af60a2

  • SSDEEP

    49152:TXsWHXechxxMKou3Sjd140gihhMP+W70cjib1FZTeAL8z:TlHX5hxxbou6sYjW7LJ

Score
10/10
salitybackdoordiscoveryevasiontrojanupx

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

Targets

    • Target

      06f1db7e2d13b39634d840cdd5fdf8620d7b8055daa0c99b59a35f493e045b56

    • Size

      2.8MB

    • MD5

      f310ba4fb49fc16adcdbf496cf10d0b9

    • SHA1

      da20ab2693953887be2733463dd611fb7a663fb5

    • SHA256

      06f1db7e2d13b39634d840cdd5fdf8620d7b8055daa0c99b59a35f493e045b56

    • SHA512

      6f00d2814f3d0f9f005fe8418c8e0a8984e122a4936afa77b95890d8b0885e9f613df5fc4183eace60492ceb15d4e91e6775e77bebf38c9b7e6e76cb44af60a2

    • SSDEEP

      49152:TXsWHXechxxMKou3Sjd140gihhMP+W70cjib1FZTeAL8z:TlHX5hxxbou6sYjW7LJ

    Score
    10/10
    salitybackdoordiscoveryevasiontrojanupx

    • Modifies firewall policy service

      evasion

    • Sality

      Sality is backdoor written in C++, first discovered in 2003.

      backdoorsality

    • UAC bypass

      evasiontrojan

    • Windows security bypass

      evasiontrojan

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Windows security modification

      evasiontrojan

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.