General

  • Target

    Run First.exe

  • Size

    896KB

  • Sample

    240420-tb6jnacf6x

  • MD5

    3df354a50e13f7316e44b01739f99f2e

  • SHA1

    a1d1c697cadecbab3c043259acae1c162e767f96

  • SHA256

    5b05b1d4dc439d81003bc6fe8348716667070b69825222b2e0a9f91d66f86616

  • SHA512

    25242ca3eb37d73e40df0682cc6e948f3d01b9741969de081edb7086b25dc064937cb4364b00882da5e78166c94d544ce1c54792b919c561593c70b0da842708

  • SSDEEP

    12288:oqDEvFo+yo4DdbbMWu/jrQu4M9lBAlKhQcDGB3cuBNGE6iOrpfe4JdaDgaETy:oqDEvCTbMWu7rQYlBQcBiT6rprG8aky

Score
8/10

Targets

    • Target

      Run First.exe

    • Drops file in Drivers directory

    • Manipulates Digital Signatures

      Attackers can apply techniques such as changing the Authenticode and Cryptography registry keys so that their binary is treated as validly signed.

    • Legitimate hosting services abused for malware hosting/C2

    • Drops file in System32 directory
