General

  • Target

    ConfigureDefender.exe

  • Size

    2.3MB

  • Sample

    240427-fa8ezabc29

  • MD5

    9913d5f652dbf25d363ff3d7b5cd1fc2

  • SHA1

    151de1e486bcf572b9334472355f3623ea10b05a

  • SHA256

    cb97e869fa64eb7c797a1b817f20d63cbd8310a26f4249c5727be2b776c98f16

  • SHA512

    7ca70bc1f6b75677ee1f565ca5f22be0224b47f2e7000b82a7b22c8edb0e3306c058bbb67f68ca6a403fae1b6f02d75b6b7f2f0306cc2a814ae0447c0879997b

  • SSDEEP

    49152:XLqgyALphFVTPAb3FbfxPBfV0Esz40BOdo6dPsdjvf3xTZtVYEszl:XLqgyUplPAb3JfxZfV0EUp0PsdjX3xFa

Score
7/10
upx

Targets

    • Target

      ConfigureDefender.exe

    • Size

      2.3MB

    Score
    7/10
    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Target

      $PLUGINSDIR/System.dll

    • Size

      12KB

    • MD5

      cff85c549d536f651d4fb8387f1976f2

    • SHA1

      d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e

    • SHA256

      8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8

    • SHA512

      531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88

    • SSDEEP

      192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr

    Score
    3/10
    • Target

      $PLUGINSDIR/nsRandom.dll

    • Size

      21KB

    • MD5

      ab467b8dfaa660a0f0e5b26e28af5735

    • SHA1

      596abd2c31eaff3479edf2069db1c155b59ce74d

    • SHA256

      db267d9920395b4badc48de04df99dfd21d579480d103cae0f48e6578197ff73

    • SHA512

      7d002dc203997b8a4d8ec20c92cd82848e29d746414f4a61265c76d4afb12c05bce826fc63f4d2bd3d527f38506c391855767d864c37584df11b5db9ca008301

    • SSDEEP

      384:LCHDPMs4GdtyO5roguusMxUXiO3wOw95euooP2UgKbd9BvNtf:LCHD6Gh87MKXil/5r2U3z

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      $_0_/ConfigureDefender_x64.exe

    • Size

      1.8MB

    • MD5

      0f8ee39a0e3662205aa268c9a44f694f

    • SHA1

      56271747a560ae2f2af08bd5fafd3e404baf21c2

    • SHA256

      5b431d9be209a84b0e6c366bb676956c5e2b6a6b8d9d525a062b1931f4f30aad

    • SHA512

      a43249ef57533c2f509470775a82729a3de9f06ce8d22571afb1e7057c7560880e13c967d16f74a5b430d41d6289c98b382afcb89a3e839b1788de24af826a76

    • SSDEEP

      49152:5G00SSgCmP/ZwYj48a0vjPebNJb3xxLtVgEsz5:5JnZwQrPebNl3xVtVgEU5

    Score
    1/10
    • Target

      $_0_/ConfigureDefender_x86.exe

    • Size

      1.7MB

    • MD5

      7e5192a68a3e5c8827dc8e34e6e1541d

    • SHA1

      ae8462a14e8c194c3f545ce0084be52e705db94a

    • SHA256

      0aa5287900a1c02cacb0133d5c7cd6dd22b98339d87f5e936d48eb5a6d7baac1

    • SHA512

      6bca7264070ce31232cd3b07f715a313f66d74c134868c0316af5e3ff8e52b98ca2fd60912a8fe82c236dcd99f23398584c881bf9d9f8a6e11af4670f7a5977a

    • SSDEEP

      24576:BCdxte/80jYLT3U1jfsWabikPe7HNwmas3xT1AKtH1DkEsz3WQs:gw80cTsjkWabNPebNJb3xxLtVgEszRs

    Score
    1/10