Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

Map.exe

windows7-x64

8

Map.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Map.exe

  • Size

    416KB

  • Sample

    240810-lfxhjstfpq

  • MD5

    36c50332466b6e921edb79ea4b240278

  • SHA1

    5b858fb375235e7638b7cef22ca972d27ce9cacc

  • SHA256

    0a76f7d189b368598ee017d0094a6698ffff66d0f981f85769971170ca29e042

  • SHA512

    fbc23c9d21e9dd3fbb7eac87fcee7e9db52d6c6450402ec90a7ba43940029af00d4ab9db8f0e662f30d8f99a34326673f26051932e2ae7afcfb377d053f4cc41

  • SSDEEP

    12288:rbNG38Jf2mCsCTyTH8+vtQ7BWD24cVLxSf0:rbNG38Jf2mCsCTMc+laBH4cVLxSf

Score
8/10
defense_evasionpersistence

Malware Config

Targets

    • Target

      Map.exe

    • Size

      416KB

    • MD5

      36c50332466b6e921edb79ea4b240278

    • SHA1

      5b858fb375235e7638b7cef22ca972d27ce9cacc

    • SHA256

      0a76f7d189b368598ee017d0094a6698ffff66d0f981f85769971170ca29e042

    • SHA512

      fbc23c9d21e9dd3fbb7eac87fcee7e9db52d6c6450402ec90a7ba43940029af00d4ab9db8f0e662f30d8f99a34326673f26051932e2ae7afcfb377d053f4cc41

    • SSDEEP

      12288:rbNG38Jf2mCsCTyTH8+vtQ7BWD24cVLxSf0:rbNG38Jf2mCsCTMc+laBH4cVLxSf

    Score
    8/10
    persistencedefense_evasion

    • Modify Registry: Disable Windows Driver Blocklist

      Disable Windows Driver Blocklist via Registry.

      defense_evasion

    • Sets service image path in registry

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks