Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
Run First.exe
-
Size
896KB
-
Sample
240420-tb6jnacf6x
-
MD5
3df354a50e13f7316e44b01739f99f2e
-
SHA1
a1d1c697cadecbab3c043259acae1c162e767f96
-
SHA256
5b05b1d4dc439d81003bc6fe8348716667070b69825222b2e0a9f91d66f86616
-
SHA512
25242ca3eb37d73e40df0682cc6e948f3d01b9741969de081edb7086b25dc064937cb4364b00882da5e78166c94d544ce1c54792b919c561593c70b0da842708
-
SSDEEP
12288:oqDEvFo+yo4DdbbMWu/jrQu4M9lBAlKhQcDGB3cuBNGE6iOrpfe4JdaDgaETy:oqDEvCTbMWu7rQYlBQcBiT6rprG8aky
Malware Config
Targets
-
-
Target
Run First.exe
-
Size
896KB
-
MD5
3df354a50e13f7316e44b01739f99f2e
-
SHA1
a1d1c697cadecbab3c043259acae1c162e767f96
-
SHA256
5b05b1d4dc439d81003bc6fe8348716667070b69825222b2e0a9f91d66f86616
-
SHA512
25242ca3eb37d73e40df0682cc6e948f3d01b9741969de081edb7086b25dc064937cb4364b00882da5e78166c94d544ce1c54792b919c561593c70b0da842708
-
SSDEEP
12288:oqDEvFo+yo4DdbbMWu/jrQu4M9lBAlKhQcDGB3cuBNGE6iOrpfe4JdaDgaETy:oqDEvCTbMWu7rQYlBQcBiT6rprG8aky
Score8/10-
Drops file in Drivers directory
-
Manipulates Digital Signatures
Attackers can apply techniques such as changing the registry keys of authenticode & Cryptography to obtain their binary as valid.
-
Legitimate hosting services abused for malware hosting/C2
-
Drops file in System32 directory
-