General
Target: 278081c237457aae1adf9bf89b269490.exe
Size: 120KB
Sample: 240706-bpxjss1fnl
MD5: 278081c237457aae1adf9bf89b269490
SHA1: 925da4535f3fabf8a054c6c0becc373c1bdd44a9
SHA256: 84a6053f02280f23936da10437d8c18f0bebe8ca481d08c165cfa74c8936685b
SHA512: 287890a4032a99fdfd1d969f9a528d68c912446e0535a5a3d523d24a7d99c17ffadaeab16ea02c05f5ed291b3ad2c0a78086e762f221bcb7683c3006f112103c
SSDEEP: 1536:t4pd3AWNyzemHOzGwsOf0ZONUpcZ5OMS2gRe5qHT76fR+G5fZcUMutiqPHEu+/Sd:m8Ozt4vc6r2gU5qHT7U+y7DrIA
Static task: static1
Behavioral task: behavioral1
Sample: 278081c237457aae1adf9bf89b269490.dll
Resource: win7-20240220-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Target: 278081c237457aae1adf9bf89b269490.exe
Modifies firewall policy service
Executes dropped EXE
Loads dropped DLL
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Abuse Elevation Control Mechanism: 1
  Bypass User Account Control: 1
  Create or Modify System Process: 1
  Windows Service: 1
Defense Evasion
  Abuse Elevation Control Mechanism: 1
  Bypass User Account Control: 1
  Impair Defenses: 4
  Disable or Modify System Firewall: 1
  Disable or Modify Tools: 3
  Modify Registry: 5