General

Target: Straya_Ultimate_without_scripts.bat
Size: 223KB
Sample: 240723-s9kjea1akc
MD5: 884f7c61acb34c7e1821874eeb0d4726
SHA1: 4712bb387eb3b4a4f140039db1472c8a366b0809
SHA256: 5a66afaa754bde91bec568e8b20fc3552a240017feff412f6f8cbfe3c0793ecb
SHA512: d9e37b7df6b72b490c1f6a51c627a4c019cc49e7eecd2a68bec6672802bb5f29c3df8525f0b339a8b5aa3659ecd106b8061a56e60fe9ab0fa988419ff5ecf78e
SSDEEP: 768:NPgO+jjTtGiZQpZHSV6PkXl1/XAx5frBaRyCJnJzQltusqsqynwt50PRAbF/b2Ar:NPgb6SZYmNqYV+pHDL0gNAc3tFOF
Static task
static1

Behavioral task
behavioral1
Sample: Straya_Ultimate_without_scripts.bat
Resource: win7-20240704-en
Malware Config

Targets

Target: Straya_Ultimate_without_scripts.bat
Size: 223KB
MD5: 884f7c61acb34c7e1821874eeb0d4726
SHA1: 4712bb387eb3b4a4f140039db1472c8a366b0809
SHA256: 5a66afaa754bde91bec568e8b20fc3552a240017feff412f6f8cbfe3c0793ecb
SHA512: d9e37b7df6b72b490c1f6a51c627a4c019cc49e7eecd2a68bec6672802bb5f29c3df8525f0b339a8b5aa3659ecd106b8061a56e60fe9ab0fa988419ff5ecf78e
SSDEEP: 768:NPgO+jjTtGiZQpZHSV6PkXl1/XAx5frBaRyCJnJzQltusqsqynwt50PRAbF/b2Ar:NPgb6SZYmNqYV+pHDL0gNAc3tFOF
Signatures

- Disables taskbar notifications via registry modification
- Event Triggered Execution: Image File Execution Options Injection
- Deletes itself
- Adds Run key to start application
- Hijack Execution Flow: Executable Installer File Permissions Weakness
  Possibly turns off User Account Control's privilege elevation for standard users.
- Legitimate hosting services abused for malware hosting/C2
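Four of the signatures above (Run key persistence, IFEO injection, the UAC elevation change, and the taskbar notification change) are registry writes, which is how a sandbox observes them. The Python below is an added example, not Triage's rule set and not code from this report: it takes constructed RegSetValue-style events, classifies each into one of those signatures with the edge cases a triage analyst cares about (an IFEO key without a Debugger value is not injection; only ConsentPromptBehaviorUser = 0 or EnableLUA = 0 weakens UAC; DWORDs may be logged as "0", 0 or "0x00000000"), and tallies ATT&CK technique IDs. The registry paths are the standard Windows locations and the assumption that TaskbarNoNotification is the value behind the taskbar-notification signature is mine; nothing here is taken from what this sample actually wrote, which the page does not show.

```python
"""Classify sandbox-style registry writes into the behaviours flagged above and
map them to ATT&CK technique IDs. Added example; the events are constructed and
the registry paths are the standard Windows locations, not values taken from
this sample's report."""
import re
from collections import Counter

# Constructed RegSetValue-style events: (key path, value name, data).
# Placeholder paths and names; none of these come from the analysed sample.
EVENTS = [
    (r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run",
     "updater", r"C:\Users\Admin\AppData\Roaming\updater.bat"),
    (r"HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce",
     "svc", r"C:\ProgramData\svc.bat"),
    (r"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe",
     "Debugger", r"C:\Windows\System32\cmd.exe /c exit"),
    (r"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\notepad.exe",
     "UseFilter", "1"),                           # IFEO key without a Debugger value: not injection
    (r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System",
     "ConsentPromptBehaviorUser", "0x00000000"),  # 0 = automatically deny elevation for standard users
    (r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System",
     "ConsentPromptBehaviorAdmin", "5"),          # default admin prompt behaviour: benign
    (r"HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer",
     "TaskbarNoNotification", "1"),               # hides taskbar balloon notifications (assumed trigger)
    (r"HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced",
     "ShowSuperHidden", "0"),                     # UI tweak, matches no signature
]

# Hive prefixes appear in both short and long form in sandbox logs.
HIVE_ANY = r"(HKCU|HKLM|HKEY_CURRENT_USER|HKEY_LOCAL_MACHINE)"
HIVE_HKLM = r"(HKLM|HKEY_LOCAL_MACHINE)"
RUN_KEY = re.compile(HIVE_ANY + r"\\Software\\(Wow6432Node\\)?Microsoft\\Windows\\CurrentVersion\\"
                     r"(Run|RunOnce|RunServices|RunServicesOnce)", re.I)
IFEO_KEY = re.compile(HIVE_HKLM + r"\\Software\\(Wow6432Node\\)?Microsoft\\Windows NT\\CurrentVersion\\"
                      r"Image File Execution Options\\[^\\]+", re.I)
UAC_KEY = re.compile(HIVE_HKLM + r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System", re.I)
EXPLORER_POLICY = re.compile(HIVE_ANY + r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer", re.I)


def as_int(data):
    """Sandboxes log DWORDs as 0, "0" or "0x00000000"; normalise, or None for non-numeric data."""
    try:
        return int(str(data).strip(), 0)
    except ValueError:
        return None


def classify(key, name, data):
    """Return (signature, ATT&CK technique) for one registry write, or None if it is benign."""
    lname, ival = name.lower(), as_int(data)
    if RUN_KEY.fullmatch(key):
        return ("Adds Run key to start application", "T1547.001")
    if IFEO_KEY.fullmatch(key):
        # Only a Debugger value redirects execution; other IFEO values are not injection.
        if lname == "debugger":
            return ("Event Triggered Execution: Image File Execution Options Injection", "T1546.012")
        return None
    if UAC_KEY.fullmatch(key):
        if lname == "consentpromptbehavioruser" and ival == 0:
            return ("Turns off UAC privilege elevation for standard users", "T1548.002")
        if lname == "enablelua" and ival == 0:
            return ("Disables UAC", "T1548.002")
        return None
    if EXPLORER_POLICY.fullmatch(key) and lname == "taskbarnonotification" and ival == 1:
        return ("Disables taskbar notifications via registry modification", "T1562.001")
    return None


def triage(events):
    """Run every event through classify(). Returns (hits, counts): hits is a list of
    (signature, technique, key, value name); counts tallies techniques, with every
    matched write also counted under T1112 Modify Registry (a convention chosen here)."""
    hits, counts = [], Counter()
    for key, name, data in events:
        result = classify(key, name, data)
        if result is None:
            continue
        sig, tid = result
        hits.append((sig, tid, key, name))
        counts[tid] += 1
        counts["T1112"] += 1
    return hits, counts


if __name__ == "__main__":
    hits, counts = triage(EVENTS)
    for sig, tid, key, name in hits:
        print(f"[{tid}] {sig}: {key}\\{name}")
    print("technique counts:", dict(counts))
```

Run as-is it reports five hits out of the eight constructed events; the two IFEO and UAC decoys fall through, which is the point: a write under Image File Execution Options or Policies\System is only interesting for specific value names and data, and a rule that keys on the path alone will page on benign installer and policy activity.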
MITRE ATT&CK Enterprise v15

Each technique is listed with its ATT&CK ID and the number of matching signatures.

Persistence
  Boot or Logon Autostart Execution (T1547): 1
    Registry Run Keys / Startup Folder (T1547.001): 1
  Event Triggered Execution (T1546): 1
    Image File Execution Options Injection (T1546.012): 1
  Hijack Execution Flow (T1574): 1
    Executable Installer File Permissions Weakness (T1574.005): 1

Privilege Escalation
  Abuse Elevation Control Mechanism (T1548): 1
    Bypass User Account Control (T1548.002): 1
  Boot or Logon Autostart Execution (T1547): 1
    Registry Run Keys / Startup Folder (T1547.001): 1
  Event Triggered Execution (T1546): 1
    Image File Execution Options Injection (T1546.012): 1
  Hijack Execution Flow (T1574): 1
    Executable Installer File Permissions Weakness (T1574.005): 1

Defense Evasion
  Abuse Elevation Control Mechanism (T1548): 1
    Bypass User Account Control (T1548.002): 1
  Hijack Execution Flow (T1574): 1
    Executable Installer File Permissions Weakness (T1574.005): 1
  Impair Defenses (T1562): 2
    Disable or Modify Tools (T1562.001): 2
  Modify Registry (T1112): 4