General

  • Target

    dc37628bb3ece722b1f88744ddeb6080N

  • Size

    623KB

  • Sample

    240911-rww5lswdmd

  • MD5

    dc37628bb3ece722b1f88744ddeb6080

  • SHA1

    7d35f471cb1710dc9306e219f5d69df775e7ba7a

  • SHA256

    3ecb6ac363c0f8fca9abe41f55cd910af636a199eedb8568324f13e5b6c4b925

  • SHA512

    df3c5261c521a8fd295f0f0c97ee31ab1bba10d215fa158fda026cbccd25cf27dbd3043d08c2c2d0faf2309f18fd9708f0784ef4f1adba903d82329379b184aa

  • SSDEEP

    12288:W3SwGEpzLJMUJMtqSnhgMUmkoZ6Tim60ZW4hBi4hUz812CSj1+0r:W5GElLzBJzo+im/1hgCUz84CSht

Targets

    • Target

      dc37628bb3ece722b1f88744ddeb6080N

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled
