
General

  • Target

    sample

  • Size

    20KB

  • Sample

    240616-vxyllsvamm

  • MD5

    1f41f1be2cd0afc12137092543cc3974

  • SHA1

    1a02e53f867ff2af8b93109f2cefba0f9e15a3cd

  • SHA256

    03c996c229669cc3813f6c18ee0210389c495b9d4405f569c557b0ea1a6c2309

  • SHA512

    64f10f8bf52b8e30689fa9b8bed5e32c15d8ad9e71bc0f702d6050fa78bb1541cef2d35b9ed6d78b394a2c96d3ed873301d57e1e020b82f2e1cf1a6ea5285297

  • SSDEEP

    384:rSW5fgaspY1ocy4f4lbGa8UQHhhbiZ0myUK2fa2hOwV0b0G+DNxCqcR1:rS21ocy4AEaSBhbe0lh2hOwSb0VxQR1

Malware Config

Targets

    • Target

      sample

    • Size

      20KB

    • MD5

      1f41f1be2cd0afc12137092543cc3974

    • SHA1

      1a02e53f867ff2af8b93109f2cefba0f9e15a3cd

    • SHA256

      03c996c229669cc3813f6c18ee0210389c495b9d4405f569c557b0ea1a6c2309

    • SHA512

      64f10f8bf52b8e30689fa9b8bed5e32c15d8ad9e71bc0f702d6050fa78bb1541cef2d35b9ed6d78b394a2c96d3ed873301d57e1e020b82f2e1cf1a6ea5285297

    • SSDEEP

      384:rSW5fgaspY1ocy4f4lbGa8UQHhhbiZ0myUK2fa2hOwV0b0G+DNxCqcR1:rS21ocy4AEaSBhbe0lh2hOwSb0VxQR1

    • Manipulates Digital Signatures

      Attackers can alter the Authenticode and Cryptography registry keys (trust-provider and SIP registrations) so that their unsigned or badly signed binary is treated as validly signed.

    • Modifies Installed Components in the registry

    • Sets file execution options in registry

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing (refusing to run in certain regions).

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and autofill entries.

    • Registers COM server for autorun

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Checks system information in the registry

      System information is often read in order to detect sandboxing environments.

    • Drops file in System32 directory
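
The following PowerShell is an added host-audit example; it is not part of the tria.ge report and not code recovered from the sample. Run as an administrator on a host suspected of having executed the sample, it enumerates the standard Windows registry locations behind several of the signatures above: Active Setup Installed Components (StubPath entries run at logon), Image File Execution Options Debugger values, Browser Helper Objects and the DLL each one loads, the SIP and trust-provider registrations whose replacement is the usual way to make a binary appear validly signed, and the Software Publishing State value. The report does not say which keys or values this sample actually wrote, so every hit is something to compare against a known-clean host rather than proof of compromise; the assumption that legitimate SIP/trust DLLs live under System32 is the script's own heuristic.

```powershell
# Added host-audit script; not from the tria.ge report and not code from the
# sample. Lists standard Windows registry locations behind the signatures above.
# The report does not state which exact keys/values the sample wrote, so every
# hit is something to compare against a clean host, not a verdict.

function Get-PersistenceAudit {
    $findings = New-Object System.Collections.Generic.List[object]
    $add = {
        param($Category, $Path, $Detail)
        $findings.Add([pscustomobject]@{ Category = $Category; Path = $Path; Detail = $Detail })
    }
    # On x64 Windows both the native and the Wow6432Node software hives matter
    $hives = @('HKLM:\SOFTWARE', 'HKLM:\SOFTWARE\Wow6432Node')

    foreach ($h in $hives) {
        # Active Setup "Installed Components": each StubPath runs once per user at logon
        Get-ChildItem "$h\Microsoft\Active Setup\Installed Components" -ErrorAction SilentlyContinue |
            ForEach-Object {
                $stub = (Get-ItemProperty $_.PSPath -ErrorAction SilentlyContinue).StubPath
                if ($stub) { & $add 'ActiveSetup StubPath' $_.PSChildName $stub }
            }

        # Image File Execution Options: a Debugger value hijacks launches of the named exe
        Get-ChildItem "$h\Microsoft\Windows NT\CurrentVersion\Image File Execution Options" -ErrorAction SilentlyContinue |
            ForEach-Object {
                $dbg = (Get-ItemProperty $_.PSPath -ErrorAction SilentlyContinue).Debugger
                if ($dbg) { & $add 'IFEO Debugger' $_.PSChildName $dbg }
            }

        # Browser Helper Objects: the subkey name is a CLSID; resolve the DLL IE would load
        Get-ChildItem "$h\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" -ErrorAction SilentlyContinue |
            ForEach-Object {
                $clsid = $_.PSChildName
                $srv = Get-ItemProperty "$h\Classes\CLSID\$clsid\InprocServer32" -ErrorAction SilentlyContinue
                $dll = if ($srv) { $srv.'(default)' } else { '<InprocServer32 missing>' }
                & $add 'BHO' $clsid $dll
            }
    }

    # SIP / trust-provider registrations: a DLL outside System32 handling signature
    # verification or final policy can make any binary "verify" as validly signed.
    # The System32 location check is this script's own heuristic (assumption).
    $sys32 = Join-Path $env:SystemRoot 'System32'
    $trustKeys = @{
        'HKLM:\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllVerifyIndirectData' = 'Dll'
        'HKLM:\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllGetSignedDataMsg'   = 'Dll'
        'HKLM:\SOFTWARE\Microsoft\Cryptography\Providers\Trust\FinalPolicy'                       = '$DLL'
    }
    foreach ($key in $trustKeys.Keys) {
        $valueName = $trustKeys[$key]
        Get-ChildItem $key -ErrorAction SilentlyContinue | ForEach-Object {
            $dll = (Get-ItemProperty $_.PSPath -ErrorAction SilentlyContinue).$valueName
            if (-not $dll) { return }
            # Expand %SystemRoot%-style references; bare names (e.g. WINTRUST.DLL) load from System32
            $expanded = [Environment]::ExpandEnvironmentVariables($dll)
            $full = if ([IO.Path]::IsPathRooted($expanded)) { $expanded } else { Join-Path $sys32 $expanded }
            if (-not $full.StartsWith($sys32, [StringComparison]::OrdinalIgnoreCase) -or -not (Test-Path $full)) {
                & $add 'Trust/SIP DLL outside System32' $_.PSChildName $dll
            }
        }
    }

    # Software Publishing "State" holds the Authenticode policy flags used by WinVerifyTrust
    # callers; report the value rather than judge it, since defaults differ between Windows versions
    foreach ($root in 'HKCU:', 'HKLM:') {
        $sp = Get-ItemProperty "$root\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing" -ErrorAction SilentlyContinue
        if ($sp -and $null -ne $sp.State) { & $add 'SoftwarePublishing State' $root ('0x{0:X}' -f $sp.State) }
    }
    return $findings
}

Get-PersistenceAudit | Format-Table -AutoSize
```

BHO entries are reported unconditionally because a clean host normally has very few and each one is worth a glance; the Active Setup, IFEO and trust-provider checks only report entries that carry the relevant value. Diffing the table against the same script's output from a clean build of the same Windows version is the quickest way to separate the sample's changes from OEM and vendor noise.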

MITRE ATT&CK Enterprise v15

Tasks