Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
SaDesign download.zip
-
Size
5.6MB
-
Sample
241027-1sqcbstgpr
-
MD5
30efc31421983d4ae5409dea907aa370
-
SHA1
ab03dca026514cff98257f8a48d1ab99cb55c1b7
-
SHA256
14dd7f0f6ce271254c164be12906aef50846bca872c2b3e42030146953db7116
-
SHA512
ad7266f31ee0bfadf1c18d0e8def51cbee2a6ec384454a741635a39584f25ff3533886109fa7dd29fca5337ae3b2820fcb393908a4f3bd7be244bbe653cc0e6d
-
SSDEEP
98304:jRcRyuvWgQHY6qYKZ3+2U5u9HVWpU74yxBlNxqu2LtrlJwzQ4MC9L2v:jRcRfWXZYuy9HYEv7xqltrln4Z96
Static task
static1
Behavioral task
behavioral1
Sample
SaDesign download.zip
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
SaDesign download.zip
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
SaDesign download.zip
-
Size
5.6MB
-
MD5
30efc31421983d4ae5409dea907aa370
-
SHA1
ab03dca026514cff98257f8a48d1ab99cb55c1b7
-
SHA256
14dd7f0f6ce271254c164be12906aef50846bca872c2b3e42030146953db7116
-
SHA512
ad7266f31ee0bfadf1c18d0e8def51cbee2a6ec384454a741635a39584f25ff3533886109fa7dd29fca5337ae3b2820fcb393908a4f3bd7be244bbe653cc0e6d
-
SSDEEP
98304:jRcRyuvWgQHY6qYKZ3+2U5u9HVWpU74yxBlNxqu2LtrlJwzQ4MC9L2v:jRcRfWXZYuy9HYEv7xqltrln4Z96
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Hide Artifacts: Hidden Window
Windows that would typically be displayed when an application carries out an operation can be hidden.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1