Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
c3a96c90fde86766c39fd6589dc1b4e66b6af9ca9b052f279237f32801d6c262
-
Size
741KB
-
Sample
240706-cz3dgatapr
-
MD5
d0eae3535b6b0e9aa5acd3c4fcb248b3
-
SHA1
0343d67db96fb60246becbcabb615b82a78ca91d
-
SHA256
c3a96c90fde86766c39fd6589dc1b4e66b6af9ca9b052f279237f32801d6c262
-
SHA512
a81b37b96d0e2e3345e22db90a5deeee845af3a970ef9075d625de9b7bf06c0951550369515c8c5af8c006957946b8cc1e0186c8eac13609782e944dedccb2a9
-
SSDEEP
12288:ltTuh645I8jWtJ8OgL27rd69bk5NCgGhSFB79gYhLIf6EQ9EYcw1Ff:lIg4kt0Kd6F6CNzYhUiEWEYcw3
Static task
static1
Behavioral task
behavioral1
Sample
c3a96c90fde86766c39fd6589dc1b4e66b6af9ca9b052f279237f32801d6c262.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
c3a96c90fde86766c39fd6589dc1b4e66b6af9ca9b052f279237f32801d6c262.exe
Resource
win10v2004-20240704-en
Malware Config
Targets
-
-
Target
c3a96c90fde86766c39fd6589dc1b4e66b6af9ca9b052f279237f32801d6c262
-
Size
741KB
-
MD5
d0eae3535b6b0e9aa5acd3c4fcb248b3
-
SHA1
0343d67db96fb60246becbcabb615b82a78ca91d
-
SHA256
c3a96c90fde86766c39fd6589dc1b4e66b6af9ca9b052f279237f32801d6c262
-
SHA512
a81b37b96d0e2e3345e22db90a5deeee845af3a970ef9075d625de9b7bf06c0951550369515c8c5af8c006957946b8cc1e0186c8eac13609782e944dedccb2a9
-
SSDEEP
12288:ltTuh645I8jWtJ8OgL27rd69bk5NCgGhSFB79gYhLIf6EQ9EYcw1Ff:lIg4kt0Kd6F6CNzYhUiEWEYcw3
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Scheduled Task/Job
1Scheduled Task
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Scheduled Task/Job
1Scheduled Task
1