General

  • Target

    a4045703e0b9a134174c1c1ced434530N.exe

  • Size

    77KB

  • Sample

    240814-l9zj1a1fnq

  • MD5

    a4045703e0b9a134174c1c1ced434530

  • SHA1

    a80562871a961cb6756c570e9fc5850cf6a61ca2

  • SHA256

    a1573a07561f46923c863dc86574c95d198f114baeae431a59b35d1185d26798

  • SHA512

    05c5afa696d01cb1f93b45f4ddd583b3e51366d4fb33505b243280c030ae46dcf637b38a34564ab1a9294c02d07422b98b09dd31095bef0fb83a053f3c2f3dfc

  • SSDEEP

    1536:ekeK40T/mx7y9v7Z/Z2V/GSAFRfBhpVoK0:FD40Dmx7y9DZ/Z2hGVkK0

Malware Config

Targets

    • Modifies WinLogon for persistence

    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks