Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

a9b56eb72c...0N.exe

windows7-x64

10

a9b56eb72c...0N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a9b56eb72c28cff541f7cd8c8febd5d0N.exe

  • Size

    114KB

  • Sample

    240906-fv9tjayajr

  • MD5

    a9b56eb72c28cff541f7cd8c8febd5d0

  • SHA1

    bcba6bbbc899ab33f2d9c2adecf78a1ac2dfdbbf

  • SHA256

    e71d0bea7d56ecf4852ddbdd71aba057adf13ff78755467caae58590dba77435

  • SHA512

    533810e3c8f9b82c42e4aa3edad9263bb0b3d1d9f134caf811a3aba8181e5c5e0994eaa9286dfd12b97f6797a6c70ecbc40fb1104ffac143975ab8ebdb3b5769

  • SSDEEP

    3072:/y3xG9uGQVwuWmWg9+P3to8VGIoInBGbLMHMb9/x1H:KhG9uGju9tcPdzSIAnF9JB

Score
10/10
discoveryevasionpersistence

Malware Config

Targets

    • Target

      a9b56eb72c28cff541f7cd8c8febd5d0N.exe

    • Size

      114KB

    • MD5

      a9b56eb72c28cff541f7cd8c8febd5d0

    • SHA1

      bcba6bbbc899ab33f2d9c2adecf78a1ac2dfdbbf

    • SHA256

      e71d0bea7d56ecf4852ddbdd71aba057adf13ff78755467caae58590dba77435

    • SHA512

      533810e3c8f9b82c42e4aa3edad9263bb0b3d1d9f134caf811a3aba8181e5c5e0994eaa9286dfd12b97f6797a6c70ecbc40fb1104ffac143975ab8ebdb3b5769

    • SSDEEP

      3072:/y3xG9uGQVwuWmWg9+P3to8VGIoInBGbLMHMb9/x1H:KhG9uGju9tcPdzSIAnF9JB

    Score
    10/10
    evasionpersistencediscovery

    • Modifies firewall policy service

      evasion

    • Adds policy Run key to start application

      persistence

    • Sets service image path in registry

      persistence

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks