General

  • Target

    29ec600836346c641b153f753ed721fa

  • Size

    503KB

  • Sample

    231225-s3j93abba7

  • MD5

    29ec600836346c641b153f753ed721fa

  • SHA1

    1491d34b229bf06de9c791e6b28eb91d13e542e2

  • SHA256

    77f03b6e7ff483c1e4e156f1279a0d3d788494968917f6f947505b762dcb12d5

  • SHA512

    b32231ada19d28829063b72e21f16fb42c2711a61ddaf3eaf804dcb236384528d5a95587cf77363804b1e4ffdf99e25b83d02d1d0225e1bd2c05151daa904f94

  • SSDEEP

    12288:yc+qifEn16C7bFZr8nnnImLkBlTAHDOR96Btb1:12EF7Jl8ImRjORWb

Targets

    • Target

      29ec600836346c641b153f753ed721fa

    • Modifies WinLogon for persistence

    • Modifies security service

    • Windows security bypass

    • Deletes itself

    • Executes dropped EXE

    • Windows security modification

    • Drops file in System32 directory
