Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    fd85a77b1322ab368cd2e8702cdbecb0N.exe

  • Size

    400KB

  • Sample

    240826-clp6zsyfqh

  • MD5

    fd85a77b1322ab368cd2e8702cdbecb0

  • SHA1

    392848b6b67a19e2aed417b2c472cbe1ab5e3d8e

  • SHA256

    da359c2f4625fcff92e0e8eca9517110b0279957aa0bf9198c9cc34053cebac5

  • SHA512

    10e55b4069818cc1c45edbd14460d8b14aed4b558e431d107c708f7fdfe3daa30b9d843b981de5306aae216f78f70a616f2396e8dc349dd4ca8f5736e7071672

  • SSDEEP

    3072:fDNcIFN3tw4QfwmAOMe6UJbVM/vkA9OQzY6eCFs5Juh2v19hlDcfbEdp7uxEo+9l:LJigOTJXYOaFs5Juh819hqkuGh2LeyI

Malware Config

Targets

    • Target

      fd85a77b1322ab368cd2e8702cdbecb0N.exe

    • Size

      400KB

    • MD5

      fd85a77b1322ab368cd2e8702cdbecb0

    • SHA1

      392848b6b67a19e2aed417b2c472cbe1ab5e3d8e

    • SHA256

      da359c2f4625fcff92e0e8eca9517110b0279957aa0bf9198c9cc34053cebac5

    • SHA512

      10e55b4069818cc1c45edbd14460d8b14aed4b558e431d107c708f7fdfe3daa30b9d843b981de5306aae216f78f70a616f2396e8dc349dd4ca8f5736e7071672

    • SSDEEP

      3072:fDNcIFN3tw4QfwmAOMe6UJbVM/vkA9OQzY6eCFs5Juh2v19hlDcfbEdp7uxEo+9l:LJigOTJXYOaFs5Juh819hqkuGh2LeyI

    • Adds policy Run key to start application

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Checks whether UAC is enabled

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks