General

  • Target

    18d347001057c68c4f2ad1d2f5af73e2dfa69aa46466fa43b40d7da360b79c01

  • Size

    140KB

  • Sample

    220201-l3teeacegk

  • MD5

    1fe7f68f073ebf9162f1a46a5d45d43c

  • SHA1

    f0e575475f33600aede6a1b9a5c14f671cb93b7b

  • SHA256

    18d347001057c68c4f2ad1d2f5af73e2dfa69aa46466fa43b40d7da360b79c01

  • SHA512

    1c2af46b7538d321d22f9619a575da43391ff9f5aeca09e6db687284e9baea2b56cd75818ec5b6f9b40c9c5bfbe6608e08e0fec4cf8efeec70bfe2cce93a48db

Malware Config

Targets

    • Target

      18d347001057c68c4f2ad1d2f5af73e2dfa69aa46466fa43b40d7da360b79c01

    Score
    10/10
    • Suspicious use of NtCreateProcessExOtherParentProcess

    • Sets service image path in registry

MITRE ATT&CK Enterprise v6

Tasks