General
Target: 486d07b44ecb8aedd18daa8fa0493822.png
Size: 22KB
Sample: 240501-jx4xvadc39
MD5: b75b0d2fa8d5a8725c128590b2d6e922
SHA1: ff5f233dbdea59fb0aeba187579a84a00bba2e15
SHA256: 69cfabd220265bdc9dec149bf14ba3a55d595e7a5106363887f536be6ab0ddfe
SHA512: db9c1960580051d912f0f27477d3c4c5f6a9639cb785d63be80fd57fc35519dbbe809907e27096b7b5ce31e04e6d7d0e6c263dea70fab4ea543f77e0a1f02969
SSDEEP: 384:vcwX8L0d0zxLUBouyzaj0Ao0+QIFy/gFO8REOsq78QsTcnj:vcwXf0zdeouWaYAo0+hjFOrq4TI
Static task: static1
Behavioral task: behavioral1
Sample: 486d07b44ecb8aedd18daa8fa0493822.png
Resource: win7-20240221-en
Malware Config
Targets
Target: 486d07b44ecb8aedd18daa8fa0493822.png
Score: 8/10
Downloads MZ/PE file
Executes dropped EXE
Loads dropped DLL
Modifies file permissions
Registers COM server for autorun
Adds Run key to start application
Blocklisted process makes network request
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (2)
    Registry Run Keys / Startup Folder (2)
  Browser Extensions (1)
Privilege Escalation
  Boot or Logon Autostart Execution (2)
    Registry Run Keys / Startup Folder (2)
Defense Evasion
  File and Directory Permissions Modification (1)
  Modify Registry (4)
  Subvert Trust Controls (1)
    Install Root Certificate (1)