Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    0c9e091285c6d82f3c0140bb06266edb17c9cd3faab32835b1aded34f810fd3f

  • Size

    1.4MB

  • Sample

    221128-w2z6nsbd71

  • MD5

    a3e5ec5555b57a904cc84a9b096ad420

  • SHA1

    6d5284c72fa32beb4a7fc7939e6b61e9d9b83eb4

  • SHA256

    0c9e091285c6d82f3c0140bb06266edb17c9cd3faab32835b1aded34f810fd3f

  • SHA512

    134e418a2926520637a976ffc364a87a53e1d9e24ebfc5b0df9bfa701023ff6c394de5778e5e919a916218f38f51503b0580cd30121e831cba3e7f2538e7f0db

  • SSDEEP

    6144:AQbZvy6kqLkZLlUbHiJNnPwALifg9Ty2PoBISB5s2UJmh67OB0FARsKfpYT:A+pyXsmLlUri7PgI2XeOek671gsMps

Malware Config

Targets

    • Target

      0c9e091285c6d82f3c0140bb06266edb17c9cd3faab32835b1aded34f810fd3f

    • Size

      1.4MB

    • MD5

      a3e5ec5555b57a904cc84a9b096ad420

    • SHA1

      6d5284c72fa32beb4a7fc7939e6b61e9d9b83eb4

    • SHA256

      0c9e091285c6d82f3c0140bb06266edb17c9cd3faab32835b1aded34f810fd3f

    • SHA512

      134e418a2926520637a976ffc364a87a53e1d9e24ebfc5b0df9bfa701023ff6c394de5778e5e919a916218f38f51503b0580cd30121e831cba3e7f2538e7f0db

    • SSDEEP

      6144:AQbZvy6kqLkZLlUbHiJNnPwALifg9Ty2PoBISB5s2UJmh67OB0FARsKfpYT:A+pyXsmLlUri7PgI2XeOek671gsMps

    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

    • Modifies WinLogon for persistence

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops desktop.ini file(s)

MITRE ATT&CK Enterprise v6

Tasks