General
- Target: 7a15dd944f05b7280ae9d297f7707f5ee712821fbae770930bae1539cf9e0b4e
- Size: 5.5MB
- Sample: 240819-fp5ydsvhrf
- MD5: fdf999d19df6b5c6a03bdbe1990347b3
- SHA1: 3266aa1f4ee746d69601c42afcda7666efd08ea2
- SHA256: 7a15dd944f05b7280ae9d297f7707f5ee712821fbae770930bae1539cf9e0b4e
- SHA512: 3232b2b0e373104b0f3d31d0275e0d40d247abd3b3fc288cc75d29ed26161726d31728f7ac25a771b277f74fe9a274346820f7087596caf6184ea7c7ce340274
- SSDEEP: 49152:rqmTkde4P2b+2vj3DydOPF+ins3aliOhu+WB+QlpNjeykwUZFuGlilvPm4upzD6L:rqmQde4n2b3lwJKliN8svuQWu
Static task: static1
Behavioral task: behavioral1
- Sample: 7a15dd944f05b7280ae9d297f7707f5ee712821fbae770930bae1539cf9e0b4e.exe
- Resource: win7-20240708-en
Behavioral task: behavioral2
- Sample: 7a15dd944f05b7280ae9d297f7707f5ee712821fbae770930bae1539cf9e0b4e.exe
- Resource: win10-20240404-en
Malware Config
Targets
- Credentials from Password Stores: Credentials from Web Browsers
  Malicious access or copy of a web browser credential store.
- Command and Scripting Interpreter: PowerShell
  Runs PowerShell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Accesses Microsoft Outlook accounts
- Accesses Microsoft Outlook profiles
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
MITRE ATT&CK Enterprise v15
Privilege Escalation
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
Defense Evasion
- Modify Registry (2)
- Subvert Trust Controls (1)
  - Install Root Certificate (1)
Credential Access
- Credentials from Password Stores (1)
  - Credentials from Web Browsers (1)
- Unsecured Credentials (2)
  - Credentials In Files (1)
  - Credentials in Registry (1)