General

  • Target

    efdc2582d26e5e452c01bb2b7561ec760176f49f7d17a31bee41480af9933ddb

  • Size

    109KB

  • Sample

    221204-ahhxdshh22

  • MD5

    9278081fc31fcc3ed7fe73d3017e356d

  • SHA1

    50c5987b0ba5304d0168f9ca7af5ddf383966b3b

  • SHA256

    efdc2582d26e5e452c01bb2b7561ec760176f49f7d17a31bee41480af9933ddb

  • SHA512

    076f40ed7a53bcec0df5f9cfaabf3f2a1394ed947835cd0a60c71ee3961aa700bf3d8d6b0272bdc985f62b36eaf38659efcb822e833bb4df5d032fe4ad110a44

  • SSDEEP

    1536:CSVVNlLaF/buyVfsR1W5dou71Qx2aUUQk4oWl:HVNEF/bF9sLW5dou7ex2aUdzow

Score
10/10

Targets

    • Target

      efdc2582d26e5e452c01bb2b7561ec760176f49f7d17a31bee41480af9933ddb

    Score
    10/10
    • Modifies WinLogon for persistence

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext
