Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Resubmissions

23/07/2024, 17:36

240723-v6x2fa1eqk 7

23/07/2024, 17:35

240723-v6a7ns1enp 3

General

  • Target

    WriteMiniDump.exe

  • Size

    26.6MB

  • Sample

    240723-v6x2fa1eqk

  • MD5

    15b5b95294faf91ce8bf1ee6016cfdd4

  • SHA1

    cddfe9f67e7a015cb83a8880a85a5f118c76be36

  • SHA256

    88c7c4253fc015a54bd010b5bc10013f21f32675760981096b5ac878e9c0aa17

  • SHA512

    7c6a55de219bce8b41f967d8df7fcd2c9f5296981ce94dae2a0fa7c90cea99d0357ed88ed130a8bc891f92a757bc1a6b7a4f71497c375c6ade3cf0403f2f874a

  • SSDEEP

    393216:5hRFZuBhX/hERSC8EmDpkI8ti7skydvVWXqHvXBbCeiIre8VBZcAdHYlbyZwVrnN:BFZuHXzCtkl8/7oA8BIre0BjHZwVHxr

Malware Config

Targets

    • Target

      WriteMiniDump.exe

    • Size

      26.6MB

    • MD5

      15b5b95294faf91ce8bf1ee6016cfdd4

    • SHA1

      cddfe9f67e7a015cb83a8880a85a5f118c76be36

    • SHA256

      88c7c4253fc015a54bd010b5bc10013f21f32675760981096b5ac878e9c0aa17

    • SHA512

      7c6a55de219bce8b41f967d8df7fcd2c9f5296981ce94dae2a0fa7c90cea99d0357ed88ed130a8bc891f92a757bc1a6b7a4f71497c375c6ade3cf0403f2f874a

    • SSDEEP

      393216:5hRFZuBhX/hERSC8EmDpkI8ti7skydvVWXqHvXBbCeiIre8VBZcAdHYlbyZwVrnN:BFZuHXzCtkl8/7oA8BIre0BjHZwVHxr

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks