General

  • Target

    539061a17804854fc7cc766069d84113629d583b9c7c1a08d66e6ae1136230b4N

  • Size

    822KB

  • Sample

    241013-m9n9psyakq

  • MD5

    28b8a068f6f920939872671162822250

  • SHA1

    77944f8ae243c52339c79622ce1decd0a9c9d629

  • SHA256

    539061a17804854fc7cc766069d84113629d583b9c7c1a08d66e6ae1136230b4

  • SHA512

    c6ac87a610f8dedfd65c3d629929dc08ae57209e4cafbbcc6568e1ef5185e5cb96c315e058d510af1428118b3d5981ec313afbeab7b8d4d36911e2fdf61c0364

  • SSDEEP

    12288:xOdht2EP6MCpxNU3ly8EeyR6sR40v8qL0I+cguHoEDgwWox2LWi8gPqCdaWMobBB:DM31gRFVxgurk4Wd90F8LH

Targets

    • Target

      539061a17804854fc7cc766069d84113629d583b9c7c1a08d66e6ae1136230b4N

    • Modifies firewall policy service

    • Uses the VBS compiler for execution

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
