General
Target: settings.json
Size: 717B
Sample: 240417-tge9nagc4x
MD5: 9524b55958a0e976a0b97cda97c12516
SHA1: c27592c0c683be473ccc0f1299a1a464f9f4792b
SHA256: 092129f26834f0f3453c3c0cf6fc450c8d9c00e8521a464affb3b5696ae7263c
SHA512: cf122e2a291baa58a753bccc0f7cc0d93ab35f62bd39ffce5cba29e9455f904727d7496f70154254c154481adcd25f59137d993b81c0f8d7c2642a6624ec5407
Static task
static1
Malware Config
Targets
Target: settings.json
Downloads MZ/PE file
Modifies Installed Components in the registry
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution (2)
    Registry Run Keys / Startup Folder (2)
Defense Evasion
  Impair Defenses (1)
    Disable or Modify Tools (1)
  Modify Registry (5)
  Subvert Trust Controls (1)
    Install Root Certificate (1)