Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

install.bat

windows10-2004-x64

8

Resubmissions

03/07/2024, 23:11

240703-26b8assfpe 8

03/07/2024, 23:05

240703-22zg2aseka 8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    install.bat

  • Size

    568B

  • Sample

    240703-22zg2aseka

  • MD5

    e861a08036b9eb5f216deb58e8a7934d

  • SHA1

    5f12dd049df2f88d95f205a4adc307df78ac16ee

  • SHA256

    e8315164849216f4c670c13b008e063da2176efb5d08939caa321e39a33035eb

  • SHA512

    7ea2fd3b085bd4b3e27d4dda36e079ec8910173cc2b33ccd06698051eb7d5f2818ed9000761d1fc44e354c06d015feb16e77958dab8a3969a0cee2fd453ca0c9

Score
8/10
evasionpersistence

Malware Config

Targets

    • Target

      install.bat

    • Size

      568B

    • MD5

      e861a08036b9eb5f216deb58e8a7934d

    • SHA1

      5f12dd049df2f88d95f205a4adc307df78ac16ee

    • SHA256

      e8315164849216f4c670c13b008e063da2176efb5d08939caa321e39a33035eb

    • SHA512

      7ea2fd3b085bd4b3e27d4dda36e079ec8910173cc2b33ccd06698051eb7d5f2818ed9000761d1fc44e354c06d015feb16e77958dab8a3969a0cee2fd453ca0c9

    Score
    8/10
    evasionpersistence

    • Disables Task Manager via registry modification

      evasion

    • Drops file in Drivers directory

    • Sets service image path in registry

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    • Suspicious use of NtCreateThreadExHideFromDebugger

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks