General

  • Target

    b15624e44e6de7f3b360623fef5adf40859226c81cb1ddc2540b4e54461cfa99

  • Size

    70KB

  • Sample

    221004-g1rqksfdfm

  • MD5

    54d2368d604ac5852507b39ade0941f2

  • SHA1

    6d9e4c37a6c6f9d893e3e8778122a1d466c5954e

  • SHA256

    b15624e44e6de7f3b360623fef5adf40859226c81cb1ddc2540b4e54461cfa99

  • SHA512

    2a0ca14b52aa10f252be724b065154a823aec86b16310d69bdce7e63052edd8c7e4aa510da19e8510a3f1ea08592b65a8471efd44b280401c54c72bc27a8c54e

  • SSDEEP

    768:1iCHI1nffAkGisSQ6KRcJZOYoBudWaDyqzlL49FLdS5yA+jz+CEt+R5nOwekfZUW:1LHIlfH7Q6qRBwWa2qxQFZA+j6wWw+9

Malware Config

Targets

    • Modifies WinLogon for persistence

    • Modifies system executable filetype association

    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • Windows security bypass

    • Disables RegEdit via registry modification

    • Disables Task Manager via registry modification

    • Disables use of System Restore points

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks