General
Target: 4151abfb73827d4110f720bb4e5076220bc09b44e22d386f8cdf949515d82dc9
Size: 1.6MB
Sample: 241220-3j3bmsxlfr
MD5: 323834f42b1ac8eafc843077d59eb240
SHA1: 91ca3ea566d6f594c008cde75942305b2f24f550
SHA256: 4151abfb73827d4110f720bb4e5076220bc09b44e22d386f8cdf949515d82dc9
SHA512: 9bfd31c0abfdf2c764efd443f9d65f13c78186d6e954aeaf8db0b9264794f806ac196a25c895ff5fc6c405463722b111ef7b1b10d97d42f779f757f946795e07
SSDEEP: 49152:GezaTF8FcNkNdfE0pZ9ozttwIRakGN8r7+9/ShKmlCL:GemTLkNdfE0pZyc
Behavioral task: behavioral1
Sample: 4151abfb73827d4110f720bb4e5076220bc09b44e22d386f8cdf949515d82dc9.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 4151abfb73827d4110f720bb4e5076220bc09b44e22d386f8cdf949515d82dc9.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 4151abfb73827d4110f720bb4e5076220bc09b44e22d386f8cdf949515d82dc9
Score: 10/10
-
Xmrig family
-
XMRig Miner payload
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution: 1
    Active Setup: 1
  Event Triggered Execution: 1
    Accessibility Features: 1
Privilege Escalation
  Boot or Logon Autostart Execution: 1
    Active Setup: 1
  Event Triggered Execution: 1
    Accessibility Features: 1