General

  • Target

    3c1ea0fd76d9e3b33309cd6063935e722fea840d3af20a6769f6b6d4f208e998N.exe

  • Size

    397KB

  • Sample

    240925-y92qkszaph

  • MD5

    ecfa84257ab760d56848224f04f45f20

  • SHA1

    efacb3a82c7c2d15baa39a6f78217f22ea202547

  • SHA256

    3c1ea0fd76d9e3b33309cd6063935e722fea840d3af20a6769f6b6d4f208e998

  • SHA512

    b9fadbdcf53f8b7a9cfdc9904e5dab1f17ae96a3e328c2c4c6d0ad06077929a259823bc9f7637f6b80acaf1cdf749879cd6081ec4d301e2bd23e9a3bfce206ff

  • SSDEEP

    6144:HK/d/9oM0YTX+nNPHmROkpd3CnvegL1zWmK/jJC+J/VlCa:+d/9nTOnNPGRbiegrKrJCoCa

Score
8/10

Targets

    Score
    8/10
    • Disables taskbar notifications via registry modification

    • Deletes itself

    • Executes dropped EXE

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext
