General

  • Target

    1cba4f1ded2035497e39d29dbee0cba41832318bdae097a181e6050dfbd92888

  • Size

    2.1MB

  • Sample

    240520-yna1qseg27

  • MD5

    3221599982d4f3a4afa3fa3ec597200b

  • SHA1

    2c04f37e5f595f8f0182b1e652481e53820a191a

  • SHA256

    1cba4f1ded2035497e39d29dbee0cba41832318bdae097a181e6050dfbd92888

  • SHA512

    fb323d99c549657c07b7e340987e0bb6451a0bb03a25e929b672322f796f944ca27a0a6ca3095b4bc1c67eebb6241e0191fa27100baae4738e0d7b314fd7c457

  • SSDEEP

    24576:BezaTnG99Q8FcNrpyNdfE0bLBgDOp2iSLz9LbEwlKjpuzBF6727XL1+Kwen8Z2I4:BezaTF8FcNkNdfE0pZ9ozt4wIQHxlUy

Malware Config

Targets

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • UPX dump on OEP (original entry point)

    • XMRig Miner payload

    • Modifies Installed Components in the registry

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
