General

  • Target

    b589714421a06f4639c5abbf7be3fcb1d1251bd82e669c9a252b9a7bbe3ad8fd

  • Size

    101KB

  • Sample

    221201-xq22kabe27

  • MD5

    c6b1c1d86809801a3f8003538861d5b4

  • SHA1

    9b518f14587b3a1489d57b761ad5af7200567310

  • SHA256

    b589714421a06f4639c5abbf7be3fcb1d1251bd82e669c9a252b9a7bbe3ad8fd

  • SHA512

    22ab21722e076c66999f5896bdefac78606e8928132e6b595565747eb9595b65fce8f1597e64c1c5b3cf8f08c509a8b6e5ba1106fbb9c33346add6e54cee4e62

  • SSDEEP

    1536:cDti6KZiKx8La8wenOadt+xButh6GEbDNZRAfC0TOA:cDti6GisPQO1bwEbXRMCA

Score
10/10

Targets

    • Modifies WinLogon for persistence

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext
