General
Target: vs_update_win-x64_1.19.0-pre.10.exe
Size: 87.5MB
Sample: 240709-qyjrmawgpl
MD5: 72e397f6cae84f0aa70b2f63c7e774d9
SHA1: bcf9b398a16e945027d2b165b5328cc43abc76d4
SHA256: 1f1701651fec90b7c4961c8a3c685603148aef11863aa27e7a88c5d927473383
SHA512: 366ee828069aa20bf7e692ad6a588edca9c60555d31d25176377301d720451748a6f555798f2edc349ebe8214c863c01b3301cec6d146cb4df56e5a9c03a2cd3
SSDEEP: 1572864:y1GcaoA8M/lqHzXbISFM0gYOEKulLozrCd6YIYLwZyibG6sKkvk1fWySz:6moA8GqASCGOXu8JwUyuG6cs1fPSz
Static task: static1
Behavioral task: behavioral1
  Sample: vs_update_win-x64_1.19.0-pre.10.exe
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: vs_update_win-x64_1.19.0-pre.10.exe
  Resource: win10v2004-20240704-en
Malware Config
Targets
Target: vs_update_win-x64_1.19.0-pre.10.exe
Score: 8/10
Downloads MZ/PE file
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Blocklisted process makes network request
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
Defense Evasion
  Modify Registry (2)
  Subvert Trust Controls (1)
    Install Root Certificate (1)