General
Target: 961b0c2623dcea79d3bfd91ea08803b7ca7cf5360115c2dfd95904e9a16f24cf
Size: 120KB
Sample: 240919-ah91wazhqg
MD5: 308d284168ea77763814251a9ad54a72
SHA1: 9d1e3b9df5aecbf07179b48fa5f2aa5e1a1f918c
SHA256: 961b0c2623dcea79d3bfd91ea08803b7ca7cf5360115c2dfd95904e9a16f24cf
SHA512: 159abc89646a73eba94ca4af47663fd20a2f5c71c7c2931691b9b0de8e7493885d23b64170af978767f3d4419d3f187de56833403fdce863c3b105eb58348dd4
SSDEEP: 1536:nDdIp97WZjSRLxQlBosMIq//sjunZijc6cnhIJnCyzuW8EV5jsQ0rwo1/:5jklpvjRijMUnCK+EV5gJn
Static task
static1
Behavioral task
behavioral1
Sample
961b0c2623dcea79d3bfd91ea08803b7ca7cf5360115c2dfd95904e9a16f24cf.dll
Resource
win7-20240903-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Target
961b0c2623dcea79d3bfd91ea08803b7ca7cf5360115c2dfd95904e9a16f24cf
Modifies firewall policy service
Executes dropped EXE
Loads dropped DLL
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Create or Modify System Process (1)
Windows Service (1)
Defense Evasion
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Impair Defenses (4)
Disable or Modify System Firewall (1)
Disable or Modify Tools (3)
Modify Registry (5)