Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    78a9fe868da68c2b99d031d0e268062d07e5793f37e1a1d7f22eaf69cf2ef645N

  • Size

    5.5MB

  • Sample

    240927-d6vsmswfjc

  • MD5

    dac0102fcb9fb02f7f6291cda42a4030

  • SHA1

    c7aa519f4d39962f84e89e386e015925d66784fb

  • SHA256

    78a9fe868da68c2b99d031d0e268062d07e5793f37e1a1d7f22eaf69cf2ef645

  • SHA512

    053fb5b8309eea2326346eaae3cca3bf4df2f5fb85ba9ab0b314fdb645fe609b8a1a7e85e22e9546a6609b7904584849a22b3ac15805cc7a42000ce9f59c8355

  • SSDEEP

    98304:xRjPz9KDzUU8O5/B/LJ25E9SVh86sS3TRknQ3ss2MApp9meypA3cPDu7:xFKoU8O5/b2XViSjX310SeyGc7u7

Malware Config

Targets

    • Target

      78a9fe868da68c2b99d031d0e268062d07e5793f37e1a1d7f22eaf69cf2ef645N

    • Size

      5.5MB

    • MD5

      dac0102fcb9fb02f7f6291cda42a4030

    • SHA1

      c7aa519f4d39962f84e89e386e015925d66784fb

    • SHA256

      78a9fe868da68c2b99d031d0e268062d07e5793f37e1a1d7f22eaf69cf2ef645

    • SHA512

      053fb5b8309eea2326346eaae3cca3bf4df2f5fb85ba9ab0b314fdb645fe609b8a1a7e85e22e9546a6609b7904584849a22b3ac15805cc7a42000ce9f59c8355

    • SSDEEP

      98304:xRjPz9KDzUU8O5/B/LJ25E9SVh86sS3TRknQ3ss2MApp9meypA3cPDu7:xFKoU8O5/b2XViSjX310SeyGc7u7

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Command and Scripting Interpreter: PowerShell

      Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.

    • Creates new service(s)

    • Stops running service(s)

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Power Settings

      powercfg controls all configurable power system settings on a Windows system and can be abused to prevent an infected host from locking or shutting down.

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks