General
- Target: LDPlayer9_fr_1102_ld.exe
- Size: 2.5MB
- Sample: 240904-m9pv8sydqp
- MD5: a64bd549d95bfc8be592833460f79fcc
- SHA1: 0aeeb9507ed39f14d82149c56011ec3aaed1bec9
- SHA256: d285b5242f4583d49c63a7c7f83a72f082ab395f9eaff674ff56c8d2d0fa063d
- SHA512: 767bffb8861e81ce61cfec5b0462f6a62cf86d9fca8411126b6ee3f43bc7fccbbffae8fafe293e9c227f297d82562d70940b441f9d541e35b66b972f2b79fdae
- SSDEEP: 49152:INfatughHaKLIKN1cueXlaYbsISTb/am5B8y6sEUhSSwoUK:Ila4ghHaKMu2IYbsIW/amj8yF8S
Static task: static1
Behavioral task: behavioral1
- Sample: LDPlayer9_fr_1102_ld.exe
- Resource: win11-20240802-en
Malware Config
Targets
- Target: LDPlayer9_fr_1102_ld.exe
- Size: 2.5MB
- Creates new service(s)
- Manipulates Digital Signatures
  Attackers can apply techniques such as modifying the Authenticode and Cryptography registry keys so that their binary is treated as validly signed.
- Possible privilege escalation attempt
- Modifies file permissions
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Legitimate hosting services abused for malware hosting/C2
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
MITRE ATT&CK Enterprise v15
Persistence
- Create or Modify System Process (1)
  - Windows Service (1)
- Event Triggered Execution (1)
  - Component Object Model Hijacking (1)
Privilege Escalation
- Create or Modify System Process (1)
  - Windows Service (1)
- Event Triggered Execution (1)
  - Component Object Model Hijacking (1)
Defense Evasion
- File and Directory Permissions Modification (1)
- Modify Registry (1)
- Subvert Trust Controls (1)
  - SIP and Trust Provider Hijacking (1)