General

  • Target

    cs_16_clean_eng.exe

  • Size

    224.8MB

  • Sample

    240614-epjvgsycnn

  • MD5

    dbaf7f5ad00ac36634157fea521b06b8

  • SHA1

    197cd6425b75b7b6b7d98ab2e1b78ebfa1fdabb4

  • SHA256

    effe20c99531f18ba413f3220992dffe459def60cbe00321d18245e78fe1f711

  • SHA512

    6c038d6285a0c9b4324be4c8b3bb1915bb759ccb255a107e74d491f15df48f52b99655b13ae58d36a59ab5b30653e8841ee7c9012622b25b55fb33f625578632

  • SSDEEP

    6291456:7eNxaHTe03fXiH4Mm2T9wxP2LSbL9CgPmyfOfefmbH:7eNxaHT93Tm9wxeLSn9dPmpBj

Malware Config

Targets

    • Target

      cs_16_clean_eng.exe

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
