General
Target: 2b262c712bb6ef02721aded9e38e3282ab2af5c247ce01a174ce51036146c5ad
Size: 120KB
Sample: 241005-yjne9s1aql
MD5: b58af988bb6b08ead9db4307422a38d2
SHA1: e8ebe1936972a6b9d74eba676620231fb1a47087
SHA256: 2b262c712bb6ef02721aded9e38e3282ab2af5c247ce01a174ce51036146c5ad
SHA512: 3fc301fbccde1f79c8278b77635e3df0da17c6516327704fc950b5a416886f3db06a5489aa03c6c8fe878aac6bdde2930177e867381ed0583a20efe043a6aff3
SSDEEP: 3072:zioao5+7imXyx6i1f2xY7SpvC0u4SgRyTiJc:+oao5mXjuGpq0XS1Ti
Static task: static1
Behavioral task: behavioral1
Sample: 2b262c712bb6ef02721aded9e38e3282ab2af5c247ce01a174ce51036146c5ad.dll
Resource: win7-20240708-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Modifies firewall policy service
Executes dropped EXE
Loads dropped DLL
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Abuse Elevation Control Mechanism: 1
    Bypass User Account Control: 1
  Create or Modify System Process: 1
    Windows Service: 1
Defense Evasion
  Abuse Elevation Control Mechanism: 1
    Bypass User Account Control: 1
  Impair Defenses: 4
    Disable or Modify System Firewall: 1
    Disable or Modify Tools: 3
  Modify Registry: 5