General
-
Target
Eufonia-Client-windows-x86_64.msi
-
Size
29.5MB
-
Sample
240928-n627tsvdln
-
MD5
043c5c1502dc00487a1dfd99b62732b2
-
SHA1
67c284c5852bd2af91a55ec5d08f792de666e0bb
-
SHA256
bb55abbc7bb2f87fcf349d3483497c76f8c9fb2923fe54f9d8c662fdc57a8c5a
-
SHA512
8ae98e4bae3299095e9b3d668f5cea7155cc0eab471be6fbd278b15593fd79dda4de5ff45554ffeca5b5cfc0e8f4c6194acb55e12d18a2eeeb8596e4dbd8ed08
-
SSDEEP
786432:GVuXoaq7A/9YtfMYsdBV05XO7rNBGFwgNE9H6F1Ioy:GUXoaqmQzYKO7poFBk6Lc
Static task
static1
Behavioral task
behavioral1
Sample
Eufonia-Client-windows-x86_64.msi
Resource
win7-20240903-es
Behavioral task
behavioral2
Sample
Eufonia-Client-windows-x86_64.msi
Resource
win10v2004-20240802-es
Malware Config
Targets
-
-
Target
Eufonia-Client-windows-x86_64.msi
-
Score
6/10
-
Downloads MZ/PE file
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Event Triggered Execution: Image File Execution Options Injection
-
Drops file in System32 directory
-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
MITRE ATT&CK Enterprise v15
Persistence
Event Triggered Execution: 3
Component Object Model Hijacking: 1
Image File Execution Options Injection: 1
Installer Packages: 1
Privilege Escalation
Event Triggered Execution: 3
Component Object Model Hijacking: 1
Image File Execution Options Injection: 1
Installer Packages: 1