Resubmissions

27/06/2023, 22:30   230627-2eybfsff67   10
27/06/2023, 22:26   230627-2cnn8sgf3w   10

General

  • Target

    redirect

  • Size

    6KB

  • Sample

    230627-2cnn8sgf3w

  • MD5

    0b375fb53042dad5215bdf5b50b9f8ef

  • SHA1

    cb1c83d776609d4a50ac9a3232423979513beca9

  • SHA256

    2e97ecb6cbe30536c04b3049eb3372dc6f3ef71354f898f448d4fdd1a560da24

  • SHA512

    524b0c42bd77098c44d09518a02b23ab98653ec0c10621a8c1487b7a27bae60938d9cb1e14914985bdbab1e1691f65d802c03c2c59036451dfe5953b18d46be2

  • SSDEEP

    192:dPHLxX7777/77QF7q0Lod4BYCIdDO/XGE:dPr5HYs0+CIdDO/X/

Targets

    • Target

      redirect

    • Size

      6KB

    • Modifies WinLogon for persistence

    • UAC bypass

    • Disables RegEdit via registry modification

    • Drops desktop.ini file(s)

    • Legitimate hosting services abused for malware hosting/C2

    • Sets desktop wallpaper using registry
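The six signatures above name behaviours without giving the registry paths or files involved. The PowerShell triage script below is an added example, not part of the tria.ge report or of the sample; it reads the registry locations these signature names conventionally refer to (Winlogon Shell and Userinit, DisableRegistryTools, EnableLUA plus the per-user ms-settings and mscfile handler keys abused by common auto-elevate bypasses, and Control Panel\Desktop\Wallpaper) and lists recently written desktop.ini files under user-writable roots. The report does not state which keys the sample actually touched, so the mapping from signature name to key is an assumption, and the hosting/C2 signature is a network artefact that a host-side check cannot cover.

```powershell
# Added triage helper (example code, not from the tria.ge report or the sample).
# Read-only: reports deviations from stock values at the registry locations
# conventionally behind the listed signatures. Run in an elevated PowerShell
# on the host under investigation. Key-to-signature mapping is an assumption.

function Get-RegValueSafe {
    param([string]$Path, [string]$Name)
    try {
        $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction Stop
        return $item.$Name
    } catch {
        return $null   # key or value absent, or access denied
    }
}

$findings = @()
$writableRoots = @($env:TEMP, $env:APPDATA, $env:LOCALAPPDATA, $env:ProgramData, $env:PUBLIC)

# 1. "Modifies WinLogon for persistence": Shell and Userinit are the usual targets.
$winlogon = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
$shell = Get-RegValueSafe $winlogon 'Shell'
if ($shell -and $shell.Trim().ToLower() -ne 'explorer.exe') {
    $findings += "Winlogon Shell modified: $shell"
}
$userinit = Get-RegValueSafe $winlogon 'Userinit'
$expectedUserinit = ((Join-Path $env:SystemRoot 'system32\userinit.exe') + ',').ToLower()
if ($userinit -and $userinit.Trim().ToLower() -ne $expectedUserinit) {
    $findings += "Winlogon Userinit modified: $userinit"
}
# A per-user Shell value does not exist on a stock install; its presence alone is notable.
$userShell = Get-RegValueSafe 'HKCU:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon' 'Shell'
if ($userShell) { $findings += "Per-user Winlogon Shell present: $userShell" }

# 2. "Disables RegEdit via registry modification": DisableRegistryTools (1 or 2 disables it).
foreach ($hive in 'HKCU', 'HKLM') {
    $policy = "${hive}:\Software\Microsoft\Windows\CurrentVersion\Policies\System"
    $v = Get-RegValueSafe $policy 'DisableRegistryTools'
    if ($v -ne $null -and $v -ne 0) { $findings += "$hive DisableRegistryTools = $v" }
}

# 3. "UAC bypass": the report does not name the technique. Two cheap checks:
#    UAC switched off outright, and per-user handler keys hijacked by well-known
#    auto-elevate bypasses (these keys do not exist under HKCU by default).
$lua = Get-RegValueSafe 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System' 'EnableLUA'
if ($lua -eq 0) { $findings += 'EnableLUA = 0 (UAC disabled)' }
foreach ($key in 'HKCU:\Software\Classes\ms-settings\shell\open\command',
                 'HKCU:\Software\Classes\mscfile\shell\open\command') {
    if (Test-Path $key) {
        $cmd = Get-RegValueSafe $key '(default)'
        $findings += "Per-user handler hijack present: $key -> $cmd"
    }
}

# 4. "Sets desktop wallpaper using registry": flag only paths under user-writable roots,
#    since a wallpaper chosen from Pictures is normal.
$wallpaper = Get-RegValueSafe 'HKCU:\Control Panel\Desktop' 'Wallpaper'
if ($wallpaper) {
    $hit = $writableRoots | Where-Object { $_ -and $wallpaper.ToLower().StartsWith($_.ToLower()) }
    if ($hit) { $findings += "Wallpaper set from user-writable location: $wallpaper" }
}

# 5. "Drops desktop.ini file(s)": benign copies live in shell folders, so list only
#    copies written in the last 24 hours under the same user-writable roots.
$cutoff = (Get-Date).AddDays(-1)
$recentIni = Get-ChildItem -Path $writableRoots -Filter 'desktop.ini' -Recurse -Force -File `
                 -ErrorAction SilentlyContinue |
             Where-Object { $_.LastWriteTime -gt $cutoff }
foreach ($f in $recentIni) {
    $findings += "Recent desktop.ini: $($f.FullName) ($($f.LastWriteTime))"
}

if ($findings.Count -eq 0) {
    'No host artifacts matching the report signatures found.'
} else {
    $findings | ForEach-Object { "[!] $_" }
}
```

Save the script and run it from an elevated prompt; it makes no changes, so it is safe to run on a live host before imaging. Any hit on items 1 to 3 is worth escalating on its own; items 4 and 5 are supporting evidence and should be read together with the timeline from the sandbox run.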

MITRE ATT&CK Enterprise v6

Tasks