General
Target: 0966707c2ad8754bdc710009c8ea7d50N.exe
Size: 1.2MB
Sample: 240801-1nv21sxfjj
MD5: 0966707c2ad8754bdc710009c8ea7d50
SHA1: 3a4b9a5fc59ac5ad34e21f2bf69342fe8b3801a6
SHA256: 72e6ed9e5e6dd782600286f6ba141fb1e33c45dffe3956718f1101edc9840a14
SHA512: ccea1a12febb50e2efad6e5e774ada2b121116b90454b62d200c1b4aadb03d2dc059ab3342cc03d79710b29167113159ab22c8d4ae4fb3c6bc78e7fb97caf37b
SSDEEP: 24576:cKRJLmRmuSzhm5Up/hoUMZPM08Ti1LPrSkdN:cKRds68PM08TIS4
Static task: static1
Behavioral task: behavioral1
Sample: 0966707c2ad8754bdc710009c8ea7d50N.exe
Resource: win7-20240705-en
Malware Config
Extracted
sality
Targets
-
Modifies firewall policy service
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism: 1
  Bypass User Account Control: 1
Create or Modify System Process: 1
  Windows Service: 1
Defense Evasion
Abuse Elevation Control Mechanism: 1
  Bypass User Account Control: 1
Impair Defenses: 4
  Disable or Modify System Firewall: 1
  Disable or Modify Tools: 3
Modify Registry: 5