Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
Avira Phantom VPN 2.41.1.25731.exe
-
Size
7.2MB
-
Sample
240430-tal4macc37
-
MD5
bf245b7db7637e6b2991105f62cc76de
-
SHA1
1d7252929d5c4cb404a34e553b72757729c701d5
-
SHA256
c414e764c53a81c6beb2c393635044661da238380492c182162b37f3e82a8c89
-
SHA512
08380e7ab2012f453ec4cb72646ca3a920d32f2f253f5c956b239780d1d08e434c4353580f6f9c95317b0e76810bc9351def59039350b96a4d989ece80722076
-
SSDEEP
196608:cI+4fSWrh9ry+5jCyVCavZ7jnEDHGV6uXVM4Fz6Krg:cIBZrXryiC8fnImV1zIKrg
Static task
static1
Behavioral task
behavioral1
Sample
Avira Phantom VPN 2.41.1.25731.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
Avira Phantom VPN 2.41.1.25731.exe
Resource
win10v2004-20240419-en
Malware Config
Targets
-
-
Target
Avira Phantom VPN 2.41.1.25731.exe
-
Size
7.2MB
-
MD5
bf245b7db7637e6b2991105f62cc76de
-
SHA1
1d7252929d5c4cb404a34e553b72757729c701d5
-
SHA256
c414e764c53a81c6beb2c393635044661da238380492c182162b37f3e82a8c89
-
SHA512
08380e7ab2012f453ec4cb72646ca3a920d32f2f253f5c956b239780d1d08e434c4353580f6f9c95317b0e76810bc9351def59039350b96a4d989ece80722076
-
SSDEEP
196608:cI+4fSWrh9ry+5jCyVCavZ7jnEDHGV6uXVM4Fz6Krg:cIBZrXryiC8fnImV1zIKrg
Score8/10-
Creates new service(s)
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks for any installed AV software in registry
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Impair Defenses
1Disable or Modify System Firewall
1Modify Registry
2Subvert Trust Controls
1Install Root Certificate
1