General

  • Target

    1008510c01ae812ac9411c6f1abca788

  • Size

    127KB

  • Sample

    231224-yyfnzaabc9

  • MD5

    1008510c01ae812ac9411c6f1abca788

  • SHA1

    a3009e0c6ee1027f7e8a89fa642508ee8a63a5d9

  • SHA256

    98b8c0b46fcd24848cd9c82d48de824ba399297fe67d1b5facaf2d1c8d6a057c

  • SHA512

    a1f885afb95626389132e5f0c7f6068abd50623898d43d2368d3c5d01ee93595c37e5833f828341ad316153bfac577d8a949e3e25926ed7b9a6459e073733a5a

  • SSDEEP

    1536:7amlu3hbBGy3G8nhMpD7MUYU6U5jUdPQc+n35KZg8/nouy8Iu:7reMPd/MYjUtQl78vout

Malware Config

Targets

    • Target

      1008510c01ae812ac9411c6f1abca788

    • Size

      127KB

    • MD5

      1008510c01ae812ac9411c6f1abca788

    • SHA1

      a3009e0c6ee1027f7e8a89fa642508ee8a63a5d9

    • SHA256

      98b8c0b46fcd24848cd9c82d48de824ba399297fe67d1b5facaf2d1c8d6a057c

    • SHA512

      a1f885afb95626389132e5f0c7f6068abd50623898d43d2368d3c5d01ee93595c37e5833f828341ad316153bfac577d8a949e3e25926ed7b9a6459e073733a5a

    • SSDEEP

      1536:7amlu3hbBGy3G8nhMpD7MUYU6U5jUdPQc+n35KZg8/nouy8Iu:7reMPd/MYjUtQl78vout

    • Modifies WinLogon for persistence

    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • UAC bypass

    • Disables RegEdit via registry modification

    • Disables use of System Restore points

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Adds Run key to start application

    • Checks whether UAC is enabled

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks