Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
3484b9ce4564f833b37a272cde5fc29987649d14ed3b7ecb4070be5d4eb74cb1
-
Size
1.3MB
-
Sample
241025-y9crfs1qdk
-
MD5
72e015e1fecb856c76650fdebd96ae49
-
SHA1
28508265808e0d34037123127a08a18324873267
-
SHA256
3484b9ce4564f833b37a272cde5fc29987649d14ed3b7ecb4070be5d4eb74cb1
-
SHA512
2408815038e9d8ff533e12114aa71ce39b07547539b25415ee252e6059057c090df07ac80adea0a5ed339b2494f41bea8cbd25c541b0d94986c15ba6e58284b2
-
SSDEEP
24576:2W8hZN6J0QajUaag+e+7ZY5/UDsL/vEcr7KOoEGrsS74VeMrbT8iX82L2J:z8hW2Qa4aa77ZzifruOoEGrt7ArbT8i2
Static task
static1
Behavioral task
behavioral1
Sample
3484b9ce4564f833b37a272cde5fc29987649d14ed3b7ecb4070be5d4eb74cb1.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
3484b9ce4564f833b37a272cde5fc29987649d14ed3b7ecb4070be5d4eb74cb1.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
3484b9ce4564f833b37a272cde5fc29987649d14ed3b7ecb4070be5d4eb74cb1
-
Size
1.3MB
-
MD5
72e015e1fecb856c76650fdebd96ae49
-
SHA1
28508265808e0d34037123127a08a18324873267
-
SHA256
3484b9ce4564f833b37a272cde5fc29987649d14ed3b7ecb4070be5d4eb74cb1
-
SHA512
2408815038e9d8ff533e12114aa71ce39b07547539b25415ee252e6059057c090df07ac80adea0a5ed339b2494f41bea8cbd25c541b0d94986c15ba6e58284b2
-
SSDEEP
24576:2W8hZN6J0QajUaag+e+7ZY5/UDsL/vEcr7KOoEGrsS74VeMrbT8iX82L2J:z8hW2Qa4aa77ZzifruOoEGrt7ArbT8i2
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1