General
-
Target
Seven.zip
-
Size
941KB
-
Sample
240430-yzat4sgg95
-
MD5
add36886ca27cb68edf857683c7ee095
-
SHA1
43f7dbdcd711f2559ec365899a24dfe9f08affe0
-
SHA256
87f596c598f0121d44da56413452beb2e4e30e2811b042ea51bc725e76f6f85c
-
SHA512
af43de3cfebf86a86016599e18ec96b1763956c1119df17ffea78dd187b5bb9afd2e71c312cbd616f3947fb468fd4d7984a537758586b80830991afd78b602aa
-
SSDEEP
24576:Z1WJQK9uq3HLViydbpQ96YTD3hz2ITmQHL2HmWhGilz:nWDuqZhdw6YX3p2cxhm
Static task
static1
Behavioral task
behavioral1
Sample
Seven.exe
Resource
win10v2004-20240419-en
Behavioral task
behavioral2
Sample
Seven.exe
Resource
win11-20240426-en
Behavioral task
behavioral3
Sample
Seven.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Target
Seven.dll
-
Size
873KB
-
MD5
69d03bfee77792608d025663fda3f818
-
SHA1
75d53668cd5d7cbebe48130ddf56d4e79903cc52
-
SHA256
71334ed96ff3420f7af50a8a34c911b716522faaa116eb07f3a4044dc4e215bd
-
SHA512
e90a745b1e82911fee31299c445e7910e16afde0e6d255b1eae41b02e896dd6790bced83d3927bb76da5d3c9a294ae9420ba7b278253cf1447abd2fdebc774a5
-
SSDEEP
24576:Xnsi9iqjHnVuydxDQbwuT1RZzaI7y0HxwHyWDm:Xfiqxld+wuRRBa6dh
-
Score
1/10
-
Target
Seven.exe
-
Size
139KB
-
MD5
350273e0d2e8a9ba5e37b791016112a0
-
SHA1
5bfb616dd46f67d1dcbbff55ca5917ffc1ec8b71
-
SHA256
27297bf8139bea755e9297e7e1489d827d1ee09a8e1d94a3ef96a2edb2de61ba
-
SHA512
b1e768524b4e840bd5f4163205122dd1725583245d8bfd5cbd89eb21a5fb9d33aff1b7b0ca42132b7dae469e025068ae663b3b02ad59927a558dc340141ec91b
-
SSDEEP
3072:miS4omp03WQthI/9S3BZi08iRQ1G78IVn27bSfcJd8ltw:miS4ompB9S3BZi0a1G78IVhcTct
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
Disables cmd.exe use via registry modification
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Legitimate hosting services abused for malware hosting/C2
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Create or Modify System Process (1)
Windows Service (1)