General
Target: 6062bd1438eff974558b4327272d13b81085ccb289a1e9567ad7668c43ccb017N
Size: 2.0MB
Sample: 241012-zwrtws1ekd
MD5: a7a963f4baaefbdf9043e30d900b5b20
SHA1: 3ff01b8455f3200d465869c3a5a2866f197f2a1d
SHA256: 6062bd1438eff974558b4327272d13b81085ccb289a1e9567ad7668c43ccb017
SHA512: d5ec31291f3dcd9ba328707509923540ca81ccfca8eb6405688fce8194d2a53649d0f00203d2a402f5d06f0a9e49bc8b190a1c693fe5eb91991d6db12eb0996d
SSDEEP: 49152:VHSRQDhp0PQXAm3SwVQpp+xZXP2W1TrfDGyaGQbOD:iQTWuVJupQZuuLGy
Static task: static1
Behavioral task: behavioral1
  Sample: 6062bd1438eff974558b4327272d13b81085ccb289a1e9567ad7668c43ccb017N.exe
  Resource: win7-20241010-en
Behavioral task: behavioral2
  Sample: 6062bd1438eff974558b4327272d13b81085ccb289a1e9567ad7668c43ccb017N.exe
  Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 6062bd1438eff974558b4327272d13b81085ccb289a1e9567ad7668c43ccb017N
Score: 7/10
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Adds Run key to start application
Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
Credential Access
  Credentials from Password Stores (1)
    Credentials from Web Browsers (1)
  Unsecured Credentials (1)
    Credentials In Files (1)