General

  • Target

    tmp

  • Size

    306KB

  • Sample

    230722-wn7nlacb7v

  • MD5

    f9f7e4b734d555814439256a4550a9dd

  • SHA1

    110f36964c9ad34d35e7afeb48215764500d37cd

  • SHA256

    97261fee3b80f8396ae8c4c2522d7613b69b41644e5c8e03948aedf6778c3e42

  • SHA512

    5d80924fe621eeb456e213812efabd545b156adcd13d83068ce76572bb199d9f10f606efd8d9c2fb0fff4b3318cde384b390b8e94cd8dc82955718cf62ea691e

  • SSDEEP

    6144:ZaA+l9nqPU0wLpfAWGWrF4pXkgJFF1kCsOPF/TbL8LahOlosA:ZJ+l9sUxpUiF4lksFmCr/TbLAaAlo

Score
10/10

Targets

    Score
    10/10
    • Modifies WinLogon for persistence

    • Suspicious use of SetThreadContext
