Resubmissions

29/08/2024, 09:25

240829-ldk2qstgph 8

29/08/2024, 09:14

240829-k7qzeawcrm 8

General

  • Target

    magix-vegas-pro-19-build-458-64bit-windows.zip

  • Size

    273.5MB

  • Sample

    240829-k7qzeawcrm

  • MD5

    e1118cb97517988a4191fd0b72dfa7eb

  • SHA1

    19c1d8a82f79e5849f0e1666e62217703b4c8cc7

  • SHA256

    5a64ae79d64d12662f2910ace22873a61d28280191657698cf6bb05f46713c6f

  • SHA512

    2739a5542bb7d632609abb9ca1168e3bc713834da9083f715eb3a82a86f5b6fbce9db68cfbb03555fced167ecf7b2a612882c8031a620d55cc9b4a4f4f4fde7f

  • SSDEEP

    6291456:p5SRgz9q7rF47Tsvkoom/T2S59aPlmG6Uhqiy9JkbQDl1FZ:mRgzg7RYsMm7n9aAGomQ51FZ

Malware Config

Targets

    • Target

      MAGIX Vegas Pro 19.0 Build 458 RePack by KpoJIuK (64Bit)/MAGIX.Vegas.Pro.v19.0.458.exe

    • Size

      273.1MB

    • MD5

      1bedeef92eebf22ff8877d4863896b5e

    • SHA1

      53ee359f5e5413ba9eeba280af54815998ef1726

    • SHA256

      b140c2036b2e57e71b72cdcf4cdd6df64d4b41180150b6b953db0c71fdf3f756

    • SHA512

      0525c618c345d4cccb56b6f832c1a1bda13e31f52aced903b687ae218c7c72c5b49be2d2e5c1aefcc4c1137525fc103892e9ecae9db67b0a2d60822fe94cf9de

    • SSDEEP

      6291456:gf+Vv7lueNfC3LOBF8JVfRC+oXGHrlJk4mjQsmL9sBGr3z30:LVv7ceJGOIVZaXGBJkisG7z30

    • Modifies Windows Firewall

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
