General

  • Target

    sample

  • Size

    20KB

  • Sample

    240420-n81f1sgd29

  • MD5

    8f38eeee5cf9d6712f6eb9e4c43f293d

  • SHA1

    c27a28463b3e804d50ae91cead6a427fbfff7ef2

  • SHA256

    e368c1bc562c0f4769de6f52d934a4bac97ad6d5c6e7d84d6e3d8ddf59b3f3d4

  • SHA512

    b3bded141d5748c1cf08f573d1ac73173e52dd3d236f2b4f5d7bc987c95a55d50c0d4d84b5f34a1131a418d7a9005bcdc39b3f2109ab7347d18316f1cd0df34d

  • SSDEEP

    384:rL0fFJw5xednDpmReVoOs4Ci9ylKeGM0Uukf5HhhbUg0bM7UjS2LjFrSnT+7VJCg:rL0fFJgGnBVoOs4CmyI1MQkf5BhbFpUX

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Registers COM server for autorun

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
