General
Target: 242c24be996e827979509c71f8574398c0a373ae1d07e67ef6df2c03c61f4edd
Size: 120KB
Sample: 240828-yp3gdavemm
MD5: bf6f3505ca59136d08d699dca52ff9af
SHA1: a5774984f78fd1b8320001aa411ab50cee22a742
SHA256: 242c24be996e827979509c71f8574398c0a373ae1d07e67ef6df2c03c61f4edd
SHA512: 30fdab92c21a08f81ede70eedb91a798db884ec0d5b36dd72e7e35a1ba94cc1dadf4862c95e8ed7974487e0bfc3940492fad8a601094870ef35b4842ca091e16
SSDEEP: 1536:zGHBh/EVHy4LDCsixQ0BZ+eADf3atU08WMDBoxGxbFTkXUkmOBgZoaEYFl6l:aT/WDDixQ4boiU08WJ0xxIkaCoaEu
Static task: static1
Behavioral task: behavioral1
Sample: 242c24be996e827979509c71f8574398c0a373ae1d07e67ef6df2c03c61f4edd.dll
Resource: win7-20240708-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Modifies firewall policy service
Executes dropped EXE
Loads dropped DLL
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)
  Create or Modify System Process (1)
    Windows Service (1)
Defense Evasion
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)
  Impair Defenses (4)
    Disable or Modify System Firewall (1)
    Disable or Modify Tools (3)
  Modify Registry (5)