General

  • Target

    2024-05-27_bfb08bb79d09bcf158ab19690b299dde_floxif_mafia

  • Size

    2.6MB

  • Sample

    240527-bzlkaabf21

  • MD5

    bfb08bb79d09bcf158ab19690b299dde

  • SHA1

    18927619b000ad8f0d35da573aeeb3dc7ecdbfdc

  • SHA256

    911650ec348e4e9147c5c98a17b81094114649c60bac5234123ccae911c0c2b2

  • SHA512

    4f2da7db2115f40a5e5266eda5e511dd9daebd5ba7efec74fba8d70aa7349c46448e166b2ec90af1a20116c77aad82e37f4992d57487956937aa590dca72dee5

  • SSDEEP

    49152:IIVzT3E98xaErWS/zggX1zY0jg7VbOQDy8WhK++jJ9/jEfTBRPx7WdWhyjvijvi0:lJVxHWS/zggXC087sQDy8WhK++jJcTBn

Score
9/10

Targets

    • Target

      2024-05-27_bfb08bb79d09bcf158ab19690b299dde_floxif_mafia

    • UPX dump on OEP (original entry point)

    • Modifies AppInit DLL entries

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
