General

  • Target

    fb42df0d5ec2b31742cbf16c76d9152d415b3677c964122a7f3b4b65de489ae0

  • Size

    199KB

  • Sample

    221003-p88ytsgeam

  • MD5

    671405f6f59a49330b29dfb09ddc135e

  • SHA1

    d1cd04211165b61c283e9dc454f2e7da97c07f22

  • SHA256

    fb42df0d5ec2b31742cbf16c76d9152d415b3677c964122a7f3b4b65de489ae0

  • SHA512

    e81d4ffc6ebfa81e2d23eff9a5c30ff2ac6b1212c3eefbfdefc3462ba971ac80fde23826c0b5224129092c39f0db94d387e2d4b5e227c5ebfd9261a54c2f55d3

  • SSDEEP

    3072:2f8jmIahXzWAx5DxNn3hIE1b49CtpZGohI/4PTq4j2ub/y/Wt5mMqcs9URElFQpG:nmxoALRZ4mZGo6//j6t8Mq79iEL

Score
10/10

Targets

    • Target

      fb42df0d5ec2b31742cbf16c76d9152d415b3677c964122a7f3b4b65de489ae0

    Score
    10/10
    • Modifies WinLogon for persistence

    • Executes dropped EXE

    • Modifies Windows Firewall

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
