General
-
Target
7ce6669643890d209540d68e76c0cfcc.bin
-
Size
2.6MB
-
Sample
250108-bqtjjazkhp
-
MD5
e1a1d8bd95e25d54e462e3055825db75
-
SHA1
c8ea77d6fd3591cd3182b3a844218edf99c41d36
-
SHA256
2345086086d5f393dcecb7d8b16e1027bf29215d2ac1caf2f0602b4b534f13fe
-
SHA512
72857f123adbd5798a6e0b983f7c6325bb288ce579afd32f9108e2233d884c14750b672e29687f95f9ae012016e98e7e7e16655a1e05b48dc4be54150cceeda1
-
SSDEEP
49152:dQgZdKiickU4oBtCasCXk7phi26MkcWEgXZSbJ2rfrdfJDqMrMi+sSREzpPw5XU5:3ZaH6tCaJk7phi2mPZSF2rTdf9oNsSEv
Behavioral task
behavioral1
Sample
27f1cdf3422c4c87d9d273a62df4404339119e416d16d8512479d87acd07c12b.msi
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
27f1cdf3422c4c87d9d273a62df4404339119e416d16d8512479d87acd07c12b.msi
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Target
27f1cdf3422c4c87d9d273a62df4404339119e416d16d8512479d87acd07c12b.msi
-
Size
2.9MB
-
MD5
7ce6669643890d209540d68e76c0cfcc
-
SHA1
c49df2e823d5e2461a11c96ad4d36974c7fffc9a
-
SHA256
27f1cdf3422c4c87d9d273a62df4404339119e416d16d8512479d87acd07c12b
-
SHA512
dfb7cde9198fe29e9b8738ab2ddca34db87c3be6d9eb1c68e507ffb59f4f9e66761ab84a1e40b4fa040aa061f214c2e2ea1efcfc875bcca44bdf947639ef10ed
-
SSDEEP
49152:a+1Ypn4N2MGVv1zyIBWGppT9jnMHRjOOozjcqZJN8dUZTwYaH7oqPxMbY+K/tzQz:a+lUlz9FKbsodq0YaH7ZPxMb8tT
-
AteraAgent family
-
Detects AteraAgent
-
Blocklisted process makes network request
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Modify Registry (1)
Subvert Trust Controls (1)
Install Root Certificate (1)
System Binary Proxy Execution (1)
Msiexec (1)