General
Target: a4823e7373d249fa9e1863519811f150N.exe
Size: 120KB
Sample: 240715-hzd9jaxckd
MD5: a4823e7373d249fa9e1863519811f150
SHA1: 2a9642310f6e005d01bf7f8ca292df39d780f8ea
SHA256: 1a30cddaee9769a65035e903875cd3a027bb51fbc5966d84caa58ad34cc74847
SHA512: 7fc345ee0db83deb244d5b824f6c6705ed190d9ca3dc7722175e9aa05264b34bef446e38f1ecc712432b7570eb36fc0cc14b858103af1970fb88a575e1ef84c1
SSDEEP: 3072:VkhWKfycRn3i0+x70hWCuVl/+ckztD7cosp:xKfjRnSp70wmRztD7s
Static task: static1
Behavioral task: behavioral1
Sample: a4823e7373d249fa9e1863519811f150N.dll
Resource: win7-20240704-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
a4823e7373d249fa9e1863519811f150N.exe
-
Modifies firewall policy service
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Create or Modify System Process (1)
Windows Service (1)
Defense Evasion
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Impair Defenses (4)
Disable or Modify System Firewall (1)
Disable or Modify Tools (3)
Modify Registry (5)