General

  • Target

    ntokrnl.exe

  • Size

    7.8MB

  • Sample

    230630-z382raeg29

  • MD5

    c19184bceaabb8ede17cf36c913345a4

  • SHA1

    8cc33de9b25e1624e009dac03bbc229ee51c763d

  • SHA256

    5732affc1ba8e455d627a9bb2356c89a4741959221ee491cc8200be84a538261

  • SHA512

    e49bbb265d882cf72a422cd19a9d81d62d572fac77bd775799861aa89bdbd0ed6287b62928f9ccccda30fe4c048820a58789a28a0ce08dfebfe134218611e1f4

  • SSDEEP

    196608:klMldQmRJ8dA6loVCy1ArqkVpKCX+PrF4ZIeghQiATF2MJh:6cdQusloVrAZYCuPJOIegtCQW

Score
7/10

Targets

    • Target

      ntokrnl.exe

    Score
    7/10
    • Drops startup file

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2
