General

  • Target

    9f458556607cf619db63f7147e9b46ea132cd542baef6e9a88b012adf0d822e4

  • Size

    250KB

  • Sample

    221205-mxdmfafg9y

  • MD5

    4e3551a05ae8766630458c952578d677

  • SHA1

    ad45e73b9139c293d2616a3293809c6e8072baca

  • SHA256

    9f458556607cf619db63f7147e9b46ea132cd542baef6e9a88b012adf0d822e4

  • SHA512

    22a461df0d4e030ba36c3e6c0cc652da4c09018e3a0af5e17dd2a0d37bb71e8f293d1faee5083ef49fd4e0329089a47e33f097e28102c154a6472e606f10876c

  • SSDEEP

    3072:MGOFLomQsQtM25LSF12LT8nsQqIbSC3IzSNGOsDGLCpIfMhlGV6T3A/tROoHniXb:KXxQtJ2FSBYr3gOrEhdT3A/tROoHLQ

Targets

    Score
    10/10
    • Modifies WinLogon for persistence

    • Adds Run key to start application

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies WinLogon
