General

  • Target

    486d07b44ecb8aedd18daa8fa0493822.png

  • Size

    22KB

  • Sample

    240501-jx4xvadc39

  • MD5

    b75b0d2fa8d5a8725c128590b2d6e922

  • SHA1

    ff5f233dbdea59fb0aeba187579a84a00bba2e15

  • SHA256

    69cfabd220265bdc9dec149bf14ba3a55d595e7a5106363887f536be6ab0ddfe

  • SHA512

    db9c1960580051d912f0f27477d3c4c5f6a9639cb785d63be80fd57fc35519dbbe809907e27096b7b5ce31e04e6d7d0e6c263dea70fab4ea543f77e0a1f02969

  • SSDEEP

    384:vcwX8L0d0zxLUBouyzaj0Ao0+QIFy/gFO8REOsq78QsTcnj:vcwXf0zdeouWaYAo0+hjFOrq4TI

Malware Config

Targets

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies file permissions

    • Registers COM server for autorun

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Blocklisted process makes network request

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks