Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    13s
  • max time network
    14s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    17/08/2024, 23:49

General

  • Target

    OldNewExplorer64.dll

  • Size

    255KB

  • MD5

    fcf194e3b9101064939a000075149f29

  • SHA1

    7a3767dabba5368da9092ea17b0dcbdd23b23bfb

  • SHA256

    21e76d101c19571d254e649c86f2588c7a46e7fb8f0911880ebbbadc7acf4d18

  • SHA512

    e3fc693f1e7f7ac80d45f3b3d6df6c659f8e5aca5ef02d6a020d351927b684f71be4aba7c27aca2f82893cd98f431a89b21f5e78a7c35207964b161749fc4d24

  • SSDEEP

    6144:Bq55rea+EvK+Evx+EvU+EN+EvH+Evb+Ev6NZN/No+Ev1+EvZ+EvS+Ef+EvZ+EvlG:Bq5E

Malware Config

Signatures

  • Event Triggered Execution: Component Object Model Hijacking 1 TTPs

    Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

  • Installs/modifies Browser Helper Object 2 TTPs 2 IoCs

    BHOs are DLL modules which act as plugins for Internet Explorer.

  • Modifies registry class 7 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\OldNewExplorer64.dll
    1⤵
    • Installs/modifies Browser Helper Object
    • Modifies registry class
    PID:508

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads