Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
a9b56eb72c28cff541f7cd8c8febd5d0N.exe
-
Size
114KB
-
Sample
240906-fv9tjayajr
-
MD5
a9b56eb72c28cff541f7cd8c8febd5d0
-
SHA1
bcba6bbbc899ab33f2d9c2adecf78a1ac2dfdbbf
-
SHA256
e71d0bea7d56ecf4852ddbdd71aba057adf13ff78755467caae58590dba77435
-
SHA512
533810e3c8f9b82c42e4aa3edad9263bb0b3d1d9f134caf811a3aba8181e5c5e0994eaa9286dfd12b97f6797a6c70ecbc40fb1104ffac143975ab8ebdb3b5769
-
SSDEEP
3072:/y3xG9uGQVwuWmWg9+P3to8VGIoInBGbLMHMb9/x1H:KhG9uGju9tcPdzSIAnF9JB
Static task
static1
Behavioral task
behavioral1
Sample
a9b56eb72c28cff541f7cd8c8febd5d0N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
a9b56eb72c28cff541f7cd8c8febd5d0N.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
a9b56eb72c28cff541f7cd8c8febd5d0N.exe
-
Size
114KB
-
MD5
a9b56eb72c28cff541f7cd8c8febd5d0
-
SHA1
bcba6bbbc899ab33f2d9c2adecf78a1ac2dfdbbf
-
SHA256
e71d0bea7d56ecf4852ddbdd71aba057adf13ff78755467caae58590dba77435
-
SHA512
533810e3c8f9b82c42e4aa3edad9263bb0b3d1d9f134caf811a3aba8181e5c5e0994eaa9286dfd12b97f6797a6c70ecbc40fb1104ffac143975ab8ebdb3b5769
-
SSDEEP
3072:/y3xG9uGQVwuWmWg9+P3to8VGIoInBGbLMHMb9/x1H:KhG9uGju9tcPdzSIAnF9JB
Score10/10-
Modifies firewall policy service
-
Adds policy Run key to start application
-
Sets service image path in registry
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
3Create or Modify System Process
1Windows Service
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
3Create or Modify System Process
1Windows Service
1Defense Evasion
Impair Defenses
1Disable or Modify System Firewall
1Modify Registry
4