Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

9b7cdf3c7c...a1.exe

windows7-x64

8

9b7cdf3c7c...a1.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    57de29d9191eeaab3247c3733e5010e8.bin

  • Size

    46KB

  • Sample

    240905-l6eqesygkf

  • MD5

    f76091f5f1030c81eae97568d366ec41

  • SHA1

    157181b9bb3b449651e420a327dcb0fcc7a6dfcd

  • SHA256

    6b83bbe4cce4c786466668f993552b11b8ff1ac1a119c242d3463c6e058c5cba

  • SHA512

    cafa02d75159ff14bdebdbcfb8b698e9c12f53c45cc7d14a567bf84c7d4bf97ae54ff83bc59c0409df809bdd2f1d3fa2858b99e188628725e43094873680e830

  • SSDEEP

    768:8teznitr1IeepVVIBCiU0MKC9RSDBTu9je9DmdOxUUh8nT8RSCKp/6K8fEW4vm07:/zurHkiUjRnSo9IhUK8Fan4vm0fj

Score
8/10
discoverypersistence

Malware Config

Targets

    • Target

      9b7cdf3c7c71ce90aeff29d38794856f65aa1196438fd19dca9d3c5fc05f34a1.exe

    • Size

      84KB

    • MD5

      57de29d9191eeaab3247c3733e5010e8

    • SHA1

      ed060ed784e1b6e316b6932b10532ade97007025

    • SHA256

      9b7cdf3c7c71ce90aeff29d38794856f65aa1196438fd19dca9d3c5fc05f34a1

    • SHA512

      69ce89e315efb902aeb28bb46afc6827176ffdbd711002fd1f1a340411c47135e4ddffbe80e3b6570006852e960ae8a8bcabbd0a851ff74b78b7911bf9d4de51

    • SSDEEP

      1536:0azWlKzJVcNp++yQNS6xNNCT2l8NE8llbpTaCJRpsWr6cdaQTJSvYYS7QYxrp:AFNpo6rIKlUE8fbkqRfbaQlaYYS5

    Score
    8/10
    discoverypersistence

    • Downloads MZ/PE file

    • Manipulates Digital Signatures

      Attackers can apply techniques such as changing the registry keys of authenticode & Cryptography to obtain their binary as valid.

    • Sets service image path in registry

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks