General

  • Target

    a512e4b2753ce1524d65c86c946f91d67da74eaf98f73cce3432d4ac9fe0db0f

  • Size

    480KB

  • Sample

    240603-b92z1sgd43

  • MD5

    241b6aab34f79dc49958b24c014d0a27

  • SHA1

    540d66b328ab198a081ae29ce9347cc4cb777ed5

  • SHA256

    a512e4b2753ce1524d65c86c946f91d67da74eaf98f73cce3432d4ac9fe0db0f

  • SHA512

    14679be9ff182599bb3cf0d420c9f8ccbe95b7f9432bd402b63a5691571fbf0115b8baf5155cca82c530da73a75ffa76ee57f55c00715125cd723e0307925d8a

  • SSDEEP

    6144:pjFRiOcXH6XWD0w1tizmtnktLJ6znvxNcCI+1jDIlnJ9+1aTEPTnOK4JKElDnu:nRDc3yWDNU+YUznzNjElWaT07NQtDu

Score
10/10

Targets

    • Modifies firewall policy service

    • Adds policy Run key to start application

    • Sets service image path in registry

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
