General

  • Target

    827ae5a3d83b59edb5bf82da456eb17ae2f2e8f3a56a9b64b32f10d630408acf

  • Size

    57KB

  • Sample

    221107-n7wfnshbdj

  • MD5

    0c8fe92ae600f0f2c00fff0d5000baf0

  • SHA1

    7430e391ddaa148e98105baabb3d8374f0cb6709

  • SHA256

    827ae5a3d83b59edb5bf82da456eb17ae2f2e8f3a56a9b64b32f10d630408acf

  • SHA512

    6e8f2211a1bd187d4983b7e4c264b1ba58f5664c24aa876535a3ad8061fa82116a24f1ecbd4d697b3812d33ca368a9569f4a9f1df4518862ad0145e4730637e4

  • SSDEEP

    1536:ColLryjTkegAtH/wPYBjoE53mw7xFLgyn:D2U6wPUoMmSj

Score
10/10

Malware Config

Targets

    • Target

      827ae5a3d83b59edb5bf82da456eb17ae2f2e8f3a56a9b64b32f10d630408acf

    Score
    10/10
    • Modifies WinLogon for persistence

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext
