General

  • Target

    687923489c3fdd71fb190410d42ab16fadc5b31ded0a5d2efe2aed34d230d29f

  • Size

    558KB

  • Sample

    221003-bh6h5abfbq

  • MD5

    6b1cd0693892de52f73f79e35ddea070

  • SHA1

    fd4b22203710328bf6d5d904c0edbba6b26969a3

  • SHA256

    687923489c3fdd71fb190410d42ab16fadc5b31ded0a5d2efe2aed34d230d29f

  • SHA512

    1b5a3090d4fdff2f1c6c5172b67181008abb8e72917647f8e8761df48d360c1224848ac6ac63d9e1624160fcfc035a463ceef456366fb09aef44720f97e4a6c7

  • SSDEEP

    12288:0MQdgFHdoTWjfCNNEPtgyGa1pfkG2Sl4ymgh+:7FKTWfCNNEPtpkq46c

Targets

    • Target

      687923489c3fdd71fb190410d42ab16fadc5b31ded0a5d2efe2aed34d230d29f

    • Modifies WinLogon for persistence

    • Modifies firewall policy service

    • Modifies security service

    • UAC bypass

    • Windows security bypass

    • Disables Task Manager via registry modification

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops startup file

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

    • Checks whether UAC is enabled
