Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    unbranded.exe

  • Size

    43.0MB

  • Sample

    240510-zv43tscf27

  • MD5

    292d7599721809df55d794067b069e21

  • SHA1

    218c6e4a91cdd1894b4cb12fdad028a312f84367

  • SHA256

    39f631d14f7eda098f11a8fc8e19e490514fb3d8c76f9541c9406d0427431d67

  • SHA512

    2612fadd960b0b65f9464877fda7f0942bb3b9ec246efcea0bb80f112328d3272d439621a524702ad28818a6b07be9e57c0edce772921b73c5ac639b23201de1

  • SSDEEP

    786432:jJmC/YZQpmme7kkJ1NpwXrJPVZ0GLoUfyp/1cxdzmTmxlJ/KD4:8C/YeQXP6rPeGEUA/1My4lJ/c4

Score
8/10

Malware Config

Targets

    • Target

      unbranded.exe

    • Size

      43.0MB

    • MD5

      292d7599721809df55d794067b069e21

    • SHA1

      218c6e4a91cdd1894b4cb12fdad028a312f84367

    • SHA256

      39f631d14f7eda098f11a8fc8e19e490514fb3d8c76f9541c9406d0427431d67

    • SHA512

      2612fadd960b0b65f9464877fda7f0942bb3b9ec246efcea0bb80f112328d3272d439621a524702ad28818a6b07be9e57c0edce772921b73c5ac639b23201de1

    • SSDEEP

      786432:jJmC/YZQpmme7kkJ1NpwXrJPVZ0GLoUfyp/1cxdzmTmxlJ/KD4:8C/YeQXP6rPeGEUA/1My4lJ/c4

    Score
    8/10
    • Drops file in Drivers directory

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks