General

  • Target

    901f242e277472b0f214055410ff8e36fe1385e45b5ff6a628db8a4a6ca00eb9

  • Size

    345KB

  • Sample

    221126-b8xznsda85

  • MD5

    e2c77052b14aebb6d5fe7cfe2d7245ea

  • SHA1

    743f660f1b12a8e304ea85db024975a3777d9794

  • SHA256

    901f242e277472b0f214055410ff8e36fe1385e45b5ff6a628db8a4a6ca00eb9

  • SHA512

    efacccd99eb4f196feb99a44179233d46a16d8ba51c07ad3bcaac7a3fd1eaef5f775c2d5aa3b6eacd736d1ac4f5e161d079c8c107359c90d2f543bfa585b45b7

  • SSDEEP

    6144:yCp6Q3Ow9J9HSO7Ktol68AE+0csAfWkrX/Qt+ALbEWe5p/cT:L6Q3BLHLlPzHkfrL/Qt+A835

Score
10/10

Targets

    • Modifies WinLogon for persistence

    • Sets file execution options in registry

    • Adds Run key to start application

    • Checks for any installed AV software in registry

    • Drops desktop.ini file(s)

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext
