General

  • Target

    c1557b9b44f6ffc93612b287bbd5b16ebbefe41bfdf98a440fec4505956d4d0e

  • Size

    75KB

  • Sample

    221021-eqd1mabcgj

  • MD5

    7ab1afb389bc52cc511e956becd18f80

  • SHA1

    e734e42dee57805f45704b83f264ee03ebb977bc

  • SHA256

    c1557b9b44f6ffc93612b287bbd5b16ebbefe41bfdf98a440fec4505956d4d0e

  • SHA512

    a4c0af042647e278a51a937869d3c3c61ad081c2cb57b02f959cdc62375350d5696cad33f45be5ff9fbcf67ece8e457d293a88bea17a0056b8b503592b618d54

  • SSDEEP

    1536:aaIoMKhdLjEPUZ4NYjHYq/SAwwgIBIw+7J:3IopQPyHbz/SAhrIw+l

Score
10/10

Targets

    Score
    10/10
    • Modifies WinLogon for persistence

    • Adds Run key to start application

    • Drops desktop.ini file(s)

    • Modifies WinLogon

    • Suspicious use of SetThreadContext
