General

  • Target

    b3e1269b978cc3e231e7b3400a474344e489a8e7a59bb7b369a9216304261276

  • Size

    132KB

  • Sample

    240625-bwe84atalg

  • MD5

    9635e2fe9b04cbe621ead618173d54ce

  • SHA1

    de8171b31ea2a48abb5ed193bf19d69ded0ee8ea

  • SHA256

    b3e1269b978cc3e231e7b3400a474344e489a8e7a59bb7b369a9216304261276

  • SHA512

    375c1db30e0b8571d335ca393139f1f1509491208023099c1b60787bebc03529272979ade6a56d16d9b177bfd2aa84c8c913aecbbcb940d85753e0d6f02e4388

  • SSDEEP

    3072:fplN73aQUlvjHJKuKidtQjrwZ7M4W5NjapLNnAikAx:xjWrLJKuKnGML5Njcx5jx

Score
10/10

Malware Config

Targets

    • Modifies WinLogon for persistence

    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • Disables use of System Restore points

    • Event Triggered Execution: Image File Execution Options Injection

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks