General

  • Target

    5216bb522237025747fb9842fd766140

  • Size

    152KB

  • Sample

    231226-egnhpsbea3

  • MD5

    5216bb522237025747fb9842fd766140

  • SHA1

    99c6f02c60f09e7baa0a46b387111b599fb9fbd7

  • SHA256

    28ad6e46e20367d7608d87023d7f50b2efb425b46f0797d1e57d38bdde6b5b9d

  • SHA512

    36053ab90193424d6c014017aeaf127c778108ff8d972e662a5040d9c62124c22042d5c195650a1bee183830867dc4b5bcabaac97daed11e3d50be7608d420cb

  • SSDEEP

    3072:k/QMFZvOsi67UvPql3psQl0XD6VIOsHbM2N2eGWYxJ9jTbRfZUh:/MVRUvQ3rXKLbM2cIS9jXRqh

Score
10/10

Targets

    • Modifies WinLogon for persistence

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
