General

  • Target

    fef1ec3367c1cdd00a658cc1879d48f1b2408fcd4f25c02b667a8272f24f2a2a

  • Size

    176KB

  • Sample

    221129-jecewacc8z

  • MD5

    b52596cc2f51e4cca31b4be61a1c8ac0

  • SHA1

    89fdbc0d9781d1e2705b8712613e43b93aa436be

  • SHA256

    fef1ec3367c1cdd00a658cc1879d48f1b2408fcd4f25c02b667a8272f24f2a2a

  • SHA512

    f2fec90d388ffc46b9f1adfbde2c686b4f6e07fb778558ca99e22e21bc83997d4734bba425bb99fcb433452fe505fdfc301d4c125d817430d3e751ffa8ed0ad2

  • SSDEEP

    3072:pgKKuiX63bw5dNjDh8pWVgTlFIYnUBBOmCCYhTQw/adrEV:iKZp3KNjVGv5KYhMN4

Targets

    • Target

      fef1ec3367c1cdd00a658cc1879d48f1b2408fcd4f25c02b667a8272f24f2a2a

    • Modifies WinLogon for persistence

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL

    • Drops file in System32 directory
