General

  • Target

    sscan document_doc.exe.exe

  • Size

    3.4MB

  • Sample

    240430-tdztwscd43

  • MD5

    f2d15e59eba18374eb35098e4e460a3d

  • SHA1

    54572c44c5835ffa1e8a331c76f4b38f9e775c7f

  • SHA256

    c3c08271d1ebc069e92c3357769d962d3b086e1a85e0b00fb426bb7d80b93d16

  • SHA512

    e649a2745114a37aafa982c579767b63a51d2420e71ee71dad18c54841fa5d33745ae72f2ae0e910afdd05f542cc50adcf97108b0b98d7700bcb9687e391e4dc

  • SSDEEP

    49152:Jp98Mq2HVhpqDD1yWi/yLZCxo5zkJB0r42PRn7wPO0/rNcLH+M2/o2ejWExVX5V:JR1hIiqJwqBiPIRS6X5V

Score
8/10

Malware Config

Targets

    • Target

      sscan document_doc.exe.exe

    • Adds policy Run key to start application

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext
