Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

PO FILE879...xl.exe

windows7-x64

10

PO FILE879...xl.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    PO FILE87965345 exl.zip

  • Size

    659KB

  • Sample

    230510-k7w6esfb74

  • MD5

    62ddfb121b22ceedbc44215d140e9daf

  • SHA1

    e445cb698afd70a4812450b237d902a6a7d18b43

  • SHA256

    44801cf505ecb773e76855ad7fbc2bd89c9e3badc7413dc5dbbd2c0b3a39609a

  • SHA512

    6000dee6e065f6b205bc0f3eec2b954f2f59bd3c9617a5623388efa3e63f4112a536359799c59581304ed1506a7c1681918db655e842a1c2ec3029de56901a31

  • SSDEEP

    12288:ZYNyd+LLkMwBux6KR0PYWhqYTsdPuUUo7eheIImdSoJ7+v6kEyU:ZYNykLLy4FR0gWhqY1UNAebmd+SXyU

Score
10/10
persistence

Malware Config

Targets

    • Target

      PO FILE87965345 exl.exe

    • Size

      1.8MB

    • MD5

      26fa36b587e07bde2d99f329ba553e9c

    • SHA1

      5d2b42a954666f85fcf91475c3ec361c4c254764

    • SHA256

      511bd4f1051444242dda8ae6df80720106a6b4d60eab89658baffb142affe730

    • SHA512

      413bf79332518b6af56cc23c162d2b981a94744e463b1a01ab8f3699c681cad077d177e3213132d1791969810bc7065667b331deb4f51570a31c96a625b4c694

    • SSDEEP

      12288:9d7uix2TBXVnBGw4I/6QTdp7lRpIlfMer5iiTvdyEp8NMXzp4J2cT3RnnrgYs3aF:98MXzCYqBrfGadT

    Score
    10/10
    persistence

    • Modifies WinLogon for persistence

      persistence

    • Executes dropped EXE

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks