General

  • Target

    NEAS.62b6825d1cda4ce64401571f4fd1fba0.exe

  • Size

    21KB

  • Sample

    231101-rgxgtsec36

  • MD5

    62b6825d1cda4ce64401571f4fd1fba0

  • SHA1

    f259ca43616925f59a2202bf54a928cef9776fc2

  • SHA256

    3aadf1c2d7b6a8d4faa78f201697a4f21edef433e73b50d618801375ada7c719

  • SHA512

    b8dcf0629a683ed8ab70b877204616a5ed54b1d93a93331be7b9e5bbf37c0df9530a423a11a38690770b5d384aa2095e6a2faab26ecbfa93a9ba92876ab2a50d

  • SSDEEP

    384:jIz4cOeIQLcDupwRBMgxgOxfzq/1pL7g4X5hPbLWKMC9bTDClcRQ6TtJMqkfQVmO:jIUcBIQIDuWY2gOxbqz7g4LLZ9rZTDk0

Targets

    • Target

      NEAS.62b6825d1cda4ce64401571f4fd1fba0.exe

    • Size

      21KB

    • Windows security bypass

    • Drops file in Drivers directory

    • Modifies Installed Components in the registry

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Windows security modification

    • Modifies WinLogon

    • Drops file in System32 directory
