Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    1c2eed01d05e10b20534312a91922a53d3122a810229126a02a0af9b433c1f70

  • Size

    196KB

  • Sample

    240809-xxmv8avbrr

  • MD5

    a400027e5241f3b8b606d5b574cbe12a

  • SHA1

    53859020d985a0138955d54f39e6a1e734d8aa1b

  • SHA256

    1c2eed01d05e10b20534312a91922a53d3122a810229126a02a0af9b433c1f70

  • SHA512

    6b0af3e0731981773ff14377cbf663cb4f5529241b118895c835ae5b0cbbdd84cf96eaf83f156c99336dcb95548e67460d055ea93357bd07e4fe9c54524dc2d4

  • SSDEEP

    3072:oLLWNoH82r8Hu0bozyP6Dm0MzbN15vlcP1gCfb2hXrKpdko5hOQg6LzjHfW:iHTwHujy4mN15yCCfKhoCoFfLP

Score
10/10

Malware Config

Targets

    • Target

      1c2eed01d05e10b20534312a91922a53d3122a810229126a02a0af9b433c1f70

    • Size

      196KB

    • MD5

      a400027e5241f3b8b606d5b574cbe12a

    • SHA1

      53859020d985a0138955d54f39e6a1e734d8aa1b

    • SHA256

      1c2eed01d05e10b20534312a91922a53d3122a810229126a02a0af9b433c1f70

    • SHA512

      6b0af3e0731981773ff14377cbf663cb4f5529241b118895c835ae5b0cbbdd84cf96eaf83f156c99336dcb95548e67460d055ea93357bd07e4fe9c54524dc2d4

    • SSDEEP

      3072:oLLWNoH82r8Hu0bozyP6Dm0MzbN15vlcP1gCfb2hXrKpdko5hOQg6LzjHfW:iHTwHujy4mN15yCCfKhoCoFfLP

    Score
    10/10
    • Modifies firewall policy service

    • Drops file in Drivers directory

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks