General
Target: 52e68e017378cbe56bcb5441b5317a2f354a267845297863645cdcd3dfa3f256
Size: 452KB
Sample: 241003-gxqdcaycqm
MD5: 2211b4ce6e4c907d6fd2cc2835ed1fb1
SHA1: 8c942f139a93b065e6e325743d6927bb1208d950
SHA256: 52e68e017378cbe56bcb5441b5317a2f354a267845297863645cdcd3dfa3f256
SHA512: 1831e37a738e83c64cfdac2bfe8e5e7f9655c8e8503b6fe652a075ff472a958ef3d2f628254286e9a9b466d3b7107ac99fd9f821409b5f06cebceebbe6e90a9b
SSDEEP: 12288:KW710ihv4c1/2DgDMxvukwQKqDQQQQQQQQQAdddddddddWHrM4vAK8O:KW710itT1zIxoqDQQQQQQQQQAddddddc
Static task: static1
Behavioral task: behavioral1
Sample: 52e68e017378cbe56bcb5441b5317a2f354a267845297863645cdcd3dfa3f256.exe
Resource: win7-20240903-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Target: 52e68e017378cbe56bcb5441b5317a2f354a267845297863645cdcd3dfa3f256
Modifies firewall policy service
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)
  Create or Modify System Process (1)
    Windows Service (1)
Defense Evasion
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)
  Impair Defenses (4)
    Disable or Modify System Firewall (1)
    Disable or Modify Tools (3)
  Modify Registry (5)