Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

4674052e1b...e8.exe

windows7-x64

8

4674052e1b...e8.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4674052e1bdaf5f0e51bf1a731e1b6e8.exe

  • Size

    5.3MB

  • Sample

    240609-emykvsdd4x

  • MD5

    4674052e1bdaf5f0e51bf1a731e1b6e8

  • SHA1

    341a06ed501decaa13e94284e9cf3bc9dc74321c

  • SHA256

    e71d256a4b1f8aff106556a27fc45f1c48384232353bd8028f588ba6ef59c3f6

  • SHA512

    4b24c67097d9a172f4a8826af8489b8c0c5c0160b4da40b070340105cd056005062d214808a3296d5fcb349ad21a97044a36ad28b4eceb0f7f9713dc91536ec8

  • SSDEEP

    98304:7LSHPhEzeeUn3SLIeOrctwZlaqYPXg3zwPLsfN3x:7e569UisISalPXHPLsfNh

Score
8/10
evasionexecutionpersistence

Malware Config

Targets

    • Target

      4674052e1bdaf5f0e51bf1a731e1b6e8.exe

    • Size

      5.3MB

    • MD5

      4674052e1bdaf5f0e51bf1a731e1b6e8

    • SHA1

      341a06ed501decaa13e94284e9cf3bc9dc74321c

    • SHA256

      e71d256a4b1f8aff106556a27fc45f1c48384232353bd8028f588ba6ef59c3f6

    • SHA512

      4b24c67097d9a172f4a8826af8489b8c0c5c0160b4da40b070340105cd056005062d214808a3296d5fcb349ad21a97044a36ad28b4eceb0f7f9713dc91536ec8

    • SSDEEP

      98304:7LSHPhEzeeUn3SLIeOrctwZlaqYPXg3zwPLsfN3x:7e569UisISalPXHPLsfNh

    Score
    8/10
    evasionexecutionpersistence

    • Command and Scripting Interpreter: PowerShell

      Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.

      execution

    • Creates new service(s)

      persistenceexecution

    • Drops file in Drivers directory

    • Stops running service(s)

      evasionexecution

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks