Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
5dc11ec3ef50428adbaddfe4b66c8b9c
-
Size
2.5MB
-
Sample
231226-jr3slaeagn
-
MD5
5dc11ec3ef50428adbaddfe4b66c8b9c
-
SHA1
d1ec0d9a75326ff45cb0f9b0690c52ac09b97623
-
SHA256
cfe3d835275ab7d9317168a45294687e18004382e3af661bf8fc86c3446e12a8
-
SHA512
41e7bc131d06b83a286e9482a3b38aa514cefa631baecfcaad22febb378be3232b3ef31b788a0fe7139ae49056b75d5c319069ff63da5483dacdc6ba29c731bd
-
SSDEEP
24576:t8+kEW1dDBDtIiz++sprV6zJqKs/SjhDV:tQEWvZ9+Z69mkVV
Malware Config
Targets
-
-
Target
5dc11ec3ef50428adbaddfe4b66c8b9c
-
Size
2.5MB
-
MD5
5dc11ec3ef50428adbaddfe4b66c8b9c
-
SHA1
d1ec0d9a75326ff45cb0f9b0690c52ac09b97623
-
SHA256
cfe3d835275ab7d9317168a45294687e18004382e3af661bf8fc86c3446e12a8
-
SHA512
41e7bc131d06b83a286e9482a3b38aa514cefa631baecfcaad22febb378be3232b3ef31b788a0fe7139ae49056b75d5c319069ff63da5483dacdc6ba29c731bd
-
SSDEEP
24576:t8+kEW1dDBDtIiz++sprV6zJqKs/SjhDV:tQEWvZ9+Z69mkVV
Score10/10-
Modifies WinLogon for persistence
-
Adds policy Run key to start application
-
Modifies Installed Components in the registry
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies WinLogon
-
Drops file in System32 directory
-