General

  • Target

    db20b0c8f4b8faa38b7239b86764f499a966644584ffcce7ded537d298dfb32fN

  • Size

    81KB

  • Sample

    241012-w3l1favbkg

  • MD5

    fccabf8ce95cb8c6b35ad26fd72fa320

  • SHA1

    8d701f154d93471be018eea58a8fef33c94faf2d

  • SHA256

    db20b0c8f4b8faa38b7239b86764f499a966644584ffcce7ded537d298dfb32f

  • SHA512

    e6a85ef4bdb9004a959a8c79bf06bf6f14edf2af6823584a95728c11d863027b766160af2ee781c00548d5f25d8f268d96d364fd65d32c941c697e7a084e4a50

  • SSDEEP

    1536:RoG6KpY6Qi3yj2wyq4HwiMO10HVLCJRpsWr6cdaJPBJYYT7/Kx:LenkyfPAwiMq0RqRfbaJZJYYTz

Targets

    • Manipulates Digital Signatures

      Attackers can use techniques such as modifying the Authenticode and Cryptography registry keys so that their binary is treated as validly signed.

    • Sets service image path in registry

    • Downloads MZ/PE file

    • Drops file in System32 directory
