General

  • Target

    tmp

  • Size

    320KB

  • Sample

    221007-xdlttaddan

  • MD5

    79c8aec89b55f0fd893c5358cfe66634

  • SHA1

    cb1065ed12890f9dfa599e94c559626129f9efcb

  • SHA256

    78bd069d6b2a1e617941b71b6953e0a8c792f49d3afbf3663610d60e280048fa

  • SHA512

    8f0080961607b102006594f33904b2e61346c4465874807e411a61d8ac08b3abb186736549161e1ce09910fc3c87f37e1a4052cbb88e8207c9b7b80668fa6ffd

  • SSDEEP

    6144:L2CgfxElP8isat6Z475cw0npnlSLmarpUguiVuVTEryN+9t7NS:L2YR2DEknwaaFUZiVuK7

Score
10/10

Targets

    • Target

      tmp

    • Modifies WinLogon for persistence

    • Suspicious use of SetThreadContext
