Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Resubmissions

22/07/2024, 17:44

240722-wa9k2azcrq 6

22/07/2024, 17:43

240722-wavrwaygmg 1

General

  • Target

    webOS.Dev.Manager_1.13.3_x64_en-US.msi

  • Size

    12.6MB

  • Sample

    240722-wa9k2azcrq

  • MD5

    70fb7e81ddd19dbcdd8e1e03bcff575b

  • SHA1

    5783fd87764a4a4b86f7b74c9c9eee591ceea18c

  • SHA256

    f5e0a6cc46e4f74c7ea1bffd0e75d5a6de3a2c70376c4025c01417ecbd2284e4

  • SHA512

    dc341ecfe79e88b8e07542689db8c74219ada7f513feb2cf8c7f2cf574aee42f4afeb8ba59dd1164fb3bca71041b9651f4ffacbb241a386fdd59141ba8a4259b

  • SSDEEP

    196608:KGvCh4ABp7gi3gLZRwT9qmNkxierM1Otkfmwgf3Y3SYwi22BvzVEIR:zvC2Aj7gHZsqOk8v+wcI3S8Zz

Malware Config

Targets

    • Target

      webOS.Dev.Manager_1.13.3_x64_en-US.msi

    • Size

      12.6MB

    • MD5

      70fb7e81ddd19dbcdd8e1e03bcff575b

    • SHA1

      5783fd87764a4a4b86f7b74c9c9eee591ceea18c

    • SHA256

      f5e0a6cc46e4f74c7ea1bffd0e75d5a6de3a2c70376c4025c01417ecbd2284e4

    • SHA512

      dc341ecfe79e88b8e07542689db8c74219ada7f513feb2cf8c7f2cf574aee42f4afeb8ba59dd1164fb3bca71041b9651f4ffacbb241a386fdd59141ba8a4259b

    • SSDEEP

      196608:KGvCh4ABp7gi3gLZRwT9qmNkxierM1Otkfmwgf3Y3SYwi22BvzVEIR:zvC2Aj7gHZsqOk8v+wcI3S8Zz

    • Downloads MZ/PE file

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Event Triggered Execution: Image File Execution Options Injection

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops file in System32 directory

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

MITRE ATT&CK Enterprise v15

Tasks