Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
19db96771e7a44e3991269eef87cb038b3051c44945ba94111fa7ba116d7fd26
-
Size
10.4MB
-
Sample
240823-1b5exsxfrc
-
MD5
336fc285ca0b6c05b396ab694e05d9b0
-
SHA1
097b661367cbaab1747e673b9377c8b678a787a5
-
SHA256
19db96771e7a44e3991269eef87cb038b3051c44945ba94111fa7ba116d7fd26
-
SHA512
9874d0295409b5be5c9247970765653fc3bfaddb045e505c26658b62174db3bffd47cb6fb6272b23d9a70a5c20614f5a2969fcd3c2acf2e245f67141c44557b4
-
SSDEEP
98304:KdcN81M9ap6prSwzbs3usPBk46p4W1VFkQakW+sz8Kdmll0OKOVP:KE81fXwzImpX/F3W+xKdml17t
Malware Config
Targets
-
-
Target
19db96771e7a44e3991269eef87cb038b3051c44945ba94111fa7ba116d7fd26
-
Size
10.4MB
-
MD5
336fc285ca0b6c05b396ab694e05d9b0
-
SHA1
097b661367cbaab1747e673b9377c8b678a787a5
-
SHA256
19db96771e7a44e3991269eef87cb038b3051c44945ba94111fa7ba116d7fd26
-
SHA512
9874d0295409b5be5c9247970765653fc3bfaddb045e505c26658b62174db3bffd47cb6fb6272b23d9a70a5c20614f5a2969fcd3c2acf2e245f67141c44557b4
-
SSDEEP
98304:KdcN81M9ap6prSwzbs3usPBk46p4W1VFkQakW+sz8Kdmll0OKOVP:KE81fXwzImpX/F3W+xKdml17t
Score10/10-
UAC bypass
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Event Triggered Execution
1Netsh Helper DLL
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
1Disable or Modify Tools
1Modify Registry
1