
Resubmissions

  • 19/07/2024, 11:21 UTC: 240719-nggjts1hpc (score 6)

  • 19/07/2024, 11:06 UTC: 240719-m7vnps1emb (score 8)

General

  • Target: ID to TOKEN.py

  • Size: 5KB

  • Sample: 240719-m7vnps1emb

  • MD5: 391d0c0c2c22540e9a631a180a739722

  • SHA1: 81848c775bd8d4efa3f75a34caa73184813d0276

  • SHA256: f7d780b18d0fefff78a359cc0645781266ac302e4509a07476b92d7fdf49fe6b

  • SHA512: 15c39ef25cb7d1a3949e5b028ff66408386b0aaed4034af5a9181d77f5461369a6c87e066c3bc64affb8cc875ff947774fcc79bf8795e21e296e259dbfa05c50

  • SSDEEP: 96:rMkv2VuawZBLIBfI3p8DpvlRXdFVrepZq2MDlwH2i:Z2Vuaw3LIBfI58nRzVr12elwH2i

Malware Config

Targets

    • Downloads MZ/PE file

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Legitimate hosting services abused for malware hosting/C2

    • Drops file in System32 directory
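The registry and file-system signatures above (Run key persistence, Uninstall-key software enumeration, COM hijacking, drive enumeration) are all recognisable from the paths a process touches. The following is an added example, not code from tria.ge or from the analysed sample, showing how such behaviour can be classified from a constructed event log. The `pid|kind|op|path` line format, the event contents, the CLSID values and the process IDs are all made up for this example; the ATT&CK technique IDs are my own mapping and are not taken from this report.

```python
import re
from collections import defaultdict
from typing import Dict, List, NamedTuple, Set


class Event(NamedTuple):
    pid: int
    kind: str   # "reg" for registry operations, "file" for file-system operations
    op: str     # operation name, e.g. SetValue, QueryValue, OpenDir
    path: str   # registry key/value path or file-system path


# Rule table: (event kind, operations that count, path pattern, signature name, ATT&CK id).
# Signature names are the ones used in the report above; the ATT&CK ids are an assumed mapping.
RULES = [
    # Persistence via HKCU/HKLM ...\CurrentVersion\Run or RunOnce value writes.
    ("reg", {"SetValue"},
     re.compile(r"^HK(CU|LM)\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\(Run|RunOnce)\\", re.I),
     "Adds Run key to start application", "T1547.001"),
    # Software discovery via reads under the (32- or 64-bit) Uninstall key.
    ("reg", {"QueryValue", "EnumKey", "OpenKey"},
     re.compile(r"^HK(CU|LM)\\SOFTWARE\\(WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall\\", re.I),
     "Checks installed software on the system", "T1518"),
    # COM hijacking: only per-user CLSID server registrations are flagged, because HKCU
    # entries shadow HKLM ones and legitimate installers normally write HKLM.
    ("reg", {"SetValue"},
     re.compile(r"^HKCU\\SOFTWARE\\Classes\\CLSID\\\{[0-9A-F-]+\}\\(InprocServer32|LocalServer32)", re.I),
     "Event Triggered Execution: Component Object Model Hijacking", "T1546.015"),
    # Drive enumeration: directory listing of a drive root other than C:\.
    ("file", {"OpenDir", "QueryDir"},
     re.compile(r"^(?!C:)[A-Z]:\\$", re.I),
     "Enumerates connected drives", "T1083"),
]

# Constructed sample log (not from the sandbox run); CLSIDs and pids are placeholders.
SAMPLE_LOG = [
    "4120|reg|SetValue|HKCU\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\Updater",
    "4120|reg|QueryValue|HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{11111111-2222-3333-4444-555555555555}\\DisplayName",
    "4120|reg|QueryValue|HKLM\\SOFTWARE\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\ExampleApp\\DisplayVersion",
    "4120|reg|SetValue|HKCU\\SOFTWARE\\Classes\\CLSID\\{AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE}\\InprocServer32\\(Default)",
    "4120|file|OpenDir|D:\\",
    "4120|file|OpenDir|C:\\",
    "612|reg|SetValue|HKLM\\SOFTWARE\\Classes\\CLSID\\{AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE}\\InprocServer32\\(Default)",
    "612|reg|QueryValue|HKLM\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters\\Hostname",
]


def parse_line(line: str) -> Event:
    """Parse one 'pid|kind|op|path' line; the path may itself contain no '|'."""
    pid, kind, op, path = line.split("|", 3)
    return Event(int(pid), kind, op, path)


def match_rules(ev: Event) -> Set[str]:
    """Return the names of every signature whose rule the event satisfies."""
    return {name for kind, ops, pattern, name, _ in RULES
            if ev.kind == kind and ev.op in ops and pattern.search(ev.path)}


def technique_for(signature: str) -> str:
    """Look up the (assumed) ATT&CK technique id for a signature name."""
    return next(tid for _, _, _, name, tid in RULES if name == signature)


def triage(lines: List[str]) -> Dict[str, Dict[int, int]]:
    """Map signature name -> {pid: number of events that matched it}."""
    hits: Dict[str, Dict[int, int]] = defaultdict(lambda: defaultdict(int))
    for line in lines:
        ev = parse_line(line)
        for name in match_rules(ev):
            hits[name][ev.pid] += 1
    return {name: dict(per_pid) for name, per_pid in hits.items()}


if __name__ == "__main__":
    for name, per_pid in sorted(triage(SAMPLE_LOG).items()):
        print(f"{technique_for(name)}  {name}: {per_pid}")
```

Two of the constructed events are deliberate negatives: the listing of `C:\` is ignored because the report's signature is specifically about drives other than the default one, and the HKLM CLSID write by pid 612 is not flagged, since the per-user hive is what a hijack needs to override a machine-wide registration.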

MITRE ATT&CK Enterprise v15

Tasks
