General

  • Target

    AllOutInstaller(1.3.2).exe

  • Size

    27.8MB

  • Sample

    240813-w7glhszcqc

  • MD5

    40c837f9a461ae78339735764e9f8bd3

  • SHA1

    e77dfdbfacbe16021e0e89b223e415b1e8e23881

  • SHA256

    d789e02dadbdc9b3ce6b1c8d1ff75f62db79650bd92de71c313bbfefe66dfe81

  • SHA512

    60f550060cbaa2ec77cbe295962c6dd77c22027da84d8d42e672df1e12fbfffd3ccae1120d62f5561ce238985bdef6ce9e31a0228db2b5fae40038a2dfc3576d

  • SSDEEP

    786432:ZZFndkFvbGcTPYe4jD1Zi+1BvGle9/b1F1/i:ZZFndkJbpTPYBjD1ZiMB716

Targets

    • Target

      AllOutInstaller(1.3.2).exe

    • Adds Run key to start application

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
