Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
8843e80b25cf8397387047e13a8af65f283ac2c98de5edfcc3405713b46f4e99
-
Size
1.2MB
-
Sample
241213-h2kjbstmcq
-
MD5
2316ac482d0dace03d25355452fa5da9
-
SHA1
ffdd03e2d779cb1384f1c13c183cf3d2fad27329
-
SHA256
8843e80b25cf8397387047e13a8af65f283ac2c98de5edfcc3405713b46f4e99
-
SHA512
18086704fc157c7c132e70778c8b57a04ef859324264ab2b34ad2915e756653029abf4f7384973e3c9aba28e456cd6c746076fc454f2d3a6b1825342c061691e
-
SSDEEP
24576:/Bbgmk3tWyhxKhYD4vfm5Sf+w6yqFJt5Am/KMNH1QPSVCdpVX:5UgyhxK9vfIzwdqF1NHH1QPSCpV
Static task
static1
Behavioral task
behavioral1
Sample
8843e80b25cf8397387047e13a8af65f283ac2c98de5edfcc3405713b46f4e99.exe
Resource
win7-20240903-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
8843e80b25cf8397387047e13a8af65f283ac2c98de5edfcc3405713b46f4e99
-
Size
1.2MB
-
MD5
2316ac482d0dace03d25355452fa5da9
-
SHA1
ffdd03e2d779cb1384f1c13c183cf3d2fad27329
-
SHA256
8843e80b25cf8397387047e13a8af65f283ac2c98de5edfcc3405713b46f4e99
-
SHA512
18086704fc157c7c132e70778c8b57a04ef859324264ab2b34ad2915e756653029abf4f7384973e3c9aba28e456cd6c746076fc454f2d3a6b1825342c061691e
-
SSDEEP
24576:/Bbgmk3tWyhxKhYD4vfm5Sf+w6yqFJt5Am/KMNH1QPSVCdpVX:5UgyhxK9vfIzwdqF1NHH1QPSCpV
-
Modifies firewall policy service
-
Sality family
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Create or Modify System Process
1Windows Service
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
4Disable or Modify System Firewall
1Disable or Modify Tools
3Modify Registry
5