General

  • Target

    blender-4.2.1-windows-x64.msi

  • Size

    327.6MB

  • Sample

    240921-kdfatatbkl

  • MD5

    cdece273a5dcd74d1a8b7c44e865c687

  • SHA1

    45be80371352e476a5c8896ebf2ebfe3aedba79e

  • SHA256

    e3309fbc01eaa4a6d270767a5847f192fa074499b6dddbf2b0362973ad15acb4

  • SHA512

    5e4ac719f5224ecafc4f281c8d89b5ecff7a7775f52ab8ceb89797571b938943125e8e95100f0ea8beb695b5a2a2d030ddf4cd57abb09c7e8bb9e60797d970c5

  • SSDEEP

    6291456:cDBdMtaUxTy0Xdi/t2PKZh2DzAJh5gd+z/OhAk9M93SbyfM:cD0zXdiF2PK/2D2zJKmCx

Targets

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
