Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    LegendOnline.MSVC_20230822_x64.exe

  • Size

    28.5MB

  • Sample

    240810-abjkcazerh

  • MD5

    50342e2339f687332612b275e4f8f438

  • SHA1

    88817c6284b7e7173a28c6f84a64d9eb5cc47b97

  • SHA256

    3fdbf77c9b3a76e16719e3e4fce9f7f966dd7e59e0c2750d6144063e993a53b7

  • SHA512

    f94730daf48c99dc95bbbd82ad80e65d70e8f9e435ad0824a3a248f9c532bb7532a2ac52e35b34f4cdac1774f906c9869d43867bea0ef5fb931cd877812246ad

  • SSDEEP

    393216:etD/KubWwmVzHnGBpCNP2WySTp1ABDw0MgFvicF5M064qraCYZp1DXhfbJf4kw7t:2DSAPEbEUXGTFqcj3Rmybh4kw6DEL

Malware Config

Targets

    • Target

      LegendOnline.MSVC_20230822_x64.exe

    • Size

      28.5MB

    • MD5

      50342e2339f687332612b275e4f8f438

    • SHA1

      88817c6284b7e7173a28c6f84a64d9eb5cc47b97

    • SHA256

      3fdbf77c9b3a76e16719e3e4fce9f7f966dd7e59e0c2750d6144063e993a53b7

    • SHA512

      f94730daf48c99dc95bbbd82ad80e65d70e8f9e435ad0824a3a248f9c532bb7532a2ac52e35b34f4cdac1774f906c9869d43867bea0ef5fb931cd877812246ad

    • SSDEEP

      393216:etD/KubWwmVzHnGBpCNP2WySTp1ABDw0MgFvicF5M064qraCYZp1DXhfbJf4kw7t:2DSAPEbEUXGTFqcj3Rmybh4kw6DEL

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies file permissions

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks