
General

  • Target: 19f81c528168b498f04583aa45ff349bd0b6b9f6a5dd1bc8a6a47c07a3d1f6a9

  • Size: 225KB

  • Sample: 240519-xwes8add5z

  • MD5: affcb8c8fa1604c96af2a02fcdc53245

  • SHA1: 51fdeeee539dd4ec719a3057ced7225bc7a3cd35

  • SHA256: 19f81c528168b498f04583aa45ff349bd0b6b9f6a5dd1bc8a6a47c07a3d1f6a9

  • SHA512: c3b2b4a3503535cafef1e07330cd75254f37b4c8e50a732569f63b074d010cf61de3a5580b50190a42cb6ccbc4a0dbbc0b7c43bcd21f61167cdd572f230c4ae0

  • SSDEEP: 3072:8vEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6u8vMSRW:8vEN2U+T6i5LirrllHy4HUcMQY6vMSk

Score
10/10

Malware Config

Targets

    • Target: 19f81c528168b498f04583aa45ff349bd0b6b9f6a5dd1bc8a6a47c07a3d1f6a9

    • Modifies WinLogon for persistence

    • Modifies visibility of hidden/system files in Explorer

    • UPX dump on OEP (original entry point)

    • Modifies Installed Components in the registry

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks