Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
creepypasta virus.exe
-
Size
73.1MB
-
Sample
240808-m6f4xswepe
-
MD5
fafedc86e931a34ae8880b62913ec8b8
-
SHA1
d9c8a5264941f66446e1ed5831d9fd58527160c7
-
SHA256
ff8ba81e6c8558f793a41355f5a88dda5cb0fc17f5fb601912ea7e421ca469e4
-
SHA512
d4182c3cd900433608ad288a3f5b09402396cdf76ee0fe51b335c5fe6c9639655c7970102fe2237d0812a18dcb2e5f21991628e6ea19fb2ed4a31f1cce9479b4
-
SSDEEP
1572864:EWWQfapBZJbujGp5AuYS2aTjWWQfapBZJbujGp5AuYS2aT:lapBZJbujGpCVTapBZJbujGpCV
Static task
static1
Behavioral task
behavioral1
Sample
creepypasta virus.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
creepypasta virus.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
creepypasta virus.exe
-
Size
73.1MB
-
MD5
fafedc86e931a34ae8880b62913ec8b8
-
SHA1
d9c8a5264941f66446e1ed5831d9fd58527160c7
-
SHA256
ff8ba81e6c8558f793a41355f5a88dda5cb0fc17f5fb601912ea7e421ca469e4
-
SHA512
d4182c3cd900433608ad288a3f5b09402396cdf76ee0fe51b335c5fe6c9639655c7970102fe2237d0812a18dcb2e5f21991628e6ea19fb2ed4a31f1cce9479b4
-
SSDEEP
1572864:EWWQfapBZJbujGp5AuYS2aTjWWQfapBZJbujGp5AuYS2aT:lapBZJbujGpCVTapBZJbujGpCV
Score8/10-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Active Setup
1Registry Run Keys / Startup Folder
1Privilege Escalation
Boot or Logon Autostart Execution
2Active Setup
1Registry Run Keys / Startup Folder
1