Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

Nextware_V033048.msi

windows10-2004-x64

6

RUN.bat

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Detected_File_0ABF36490F029B995355BB6D4BB6BA181380E390_20240701132706+0700

  • Size

    7.7MB

  • Sample

    240701-hkgfca1hrm

  • MD5

    b593096ff055121ad0c9becda2fd4e4e

  • SHA1

    0abf36490f029b995355bb6d4bb6ba181380e390

  • SHA256

    4299b542be0fbc40cecc010755783f855a1548f99d870dd21a33ec22a60a5f71

  • SHA512

    1f02eb1350c8271ebabf542585126815b25cdac0d96a347c746b7c8e19b82d012feaa5744c12c1216ee9e23d98931b0bdb4339f82052c384f9b7bc53e680b038

  • SSDEEP

    196608:uMsnMBpEv4hB+rRdYAszWKQh9uEmOSVA5wCeniQIOZlJ3:4ugMB+z87K9uEmOgA5wv93

Score
7/10
persistenceprivilege_escalation

Malware Config

Targets

    • Target

      Nextware_V033048.msi

    • Size

      9.8MB

    • MD5

      e67579e51e9a5853c34c08565ac6d37a

    • SHA1

      8419a63958537c050f84694faa9f92098dd07180

    • SHA256

      e2ae290e8a74a1864369730e469f2245c223149ad392a82b8a23314940c316a2

    • SHA512

      d9ba71bb9a707b3e01c173c261a0e5fad5df26593645d167be6bb2fa07a9de05c3c653112a67426055858c7b71c2e454e20696e008e71a7191abc0548deeb6a3

    • SSDEEP

      196608:kigrI6bi4oCCq+H882wIxyB0alAGWBo9AEMQU2sewQPWNG:k/i5ge882IllA1Bo9AEMQUO5

    Score
    6/10
    persistenceprivilege_escalation

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1

    • Target

      RUN.bat

    • Size

      828B

    • MD5

      d4dcacb2d8247368193696f5bacff810

    • SHA1

      ee2ec8d85a98d415d2aa30623a37ab01011407f5

    • SHA256

      c615c922a29d2083f6c9ef68cbfe110a3c0e315947eda9dcee74da8c35e84401

    • SHA512

      84f551d54ed1cc1df7361eb4092032665a87dcefa59c9b814fb28e76431133127ce109075f24d09327ffa3874f9ff12969bdafb1167942502166cb1028545547

    Score
    7/10

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral2

MITRE ATT&CK Enterprise v15

Tasks