General

  • Target: 9b932af0c798ea2b64c86bb9fbaf4f669658a97a61b45756402dbb03f274402e

  • Size: 43KB

  • Sample: 221207-dvvcqsah99

  • MD5: b8e9ef8d6bf4972d608489b534452cfd

  • SHA1: 8a5f2646ab7d98ed5137c9edc0e748b930fe1c67

  • SHA256: 9b932af0c798ea2b64c86bb9fbaf4f669658a97a61b45756402dbb03f274402e

  • SHA512: 486e8b9956958166dbed170ef7bbe5170c5786588af130c47a9f737151aad7942cceac33dde61e306d295082cc51489261f2c8e58ec4f8379bdd815eb83a174d

  • SSDEEP: 768:dBYFvsPzboLlriC1JWOTFkaP4mrDnnD3gRbcixa4i5YtyI++hf:d6tsPzkpri2acFjwRFxlXtyIZd

Malware Config

Targets

    • Modifies WinLogon for persistence

    • UAC bypass

    • Disables Task Manager via registry modification

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks