General

  • Target

    TamenuV5.2.rar

  • Size

    79.1MB

  • Sample

    240724-kaymzszbpf

  • MD5

    f28fe1f5fb69993c498d5a40ff3f8bda

  • SHA1

    a8b5ce1b150422f9fac10c7eabecbe396052133e

  • SHA256

    dde75797d1dc18a3c9c9e5f316bb23e0584ae21d75a06b80afb95b6c5385b5f2

  • SHA512

    9b3bad7bb084e56ad373e5250d1ac84f265a33f52c8c6f77ac4fbd6f2e5d6eaa31fdefcbea24d3061b0c3b385f54d462b095d4c40ca264f6e5efeff21efe7d09

  • SSDEEP

    1572864:XaoQDHE1keXcvwXD1qN1webO2F4LgxUo5sakoP2H4pstUp/p:JCHE1D1IexcH5sm2YeGph

Targets

    • Target

      TamenuV5.2.rar

    • Downloads MZ/PE file

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
