General

  • Target

    ConsoleAct_x64.exe

  • Size

    1.0MB

  • Sample

    240709-v6lcmswbjp

  • MD5

    8101ffc7c364c9d4d6810c9cbe5b3e43

  • SHA1

    fa266f7cc07d7b51fb1d5a86c73cecf204f28912

  • SHA256

    5665306da70d8314c1075753e62ccc4163722bc1dd01d6e440f8268e624764bf

  • SHA512

    9731b223ef1f02a7bb01afe13c985038517838166e1b90fc88aafa23aaf3e3fdb5a64229a0c5a8960608047f93b4afca0a6c10ad64f635104f01929e996520c7

  • SSDEEP

    24576:WV2HeytcxKV0XOnZe8i5dCppc50CxO7EyyXAAsWvZmSGqb4LQRyg:WVceytcb8i5WchOCQrWvZzGVQUg

Targets

    • Event Triggered Execution: Image File Execution Options Injection

    • Modifies Windows Firewall

    • Stops running service(s)

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
