General

  • Target

    04b66998158d55722562b37875128cad

  • Size

    5.3MB

  • Sample

    231229-1kntjaffhk

  • MD5

    04b66998158d55722562b37875128cad

  • SHA1

    f2034598921528f96b8f9e5059e17b384d887049

  • SHA256

    91842fb7fa1c1ff89ccbf7f22013609ecdf520bd4fc5e9e382c0c8615d22b784

  • SHA512

    bd9cec1f5088a93f69dcb0f0bda721bdd006bd4ccdba0eb1f5239291f246528d7a44550790af6f631d99114999f9f6c31b18dea3732dbc41e5aefc8629600c4b

  • SSDEEP

    98304:0fR9XUg1XGTOq/pDi2mgJtNI3ykcKKpvIl8jb+S2bSF9kyIeROE7VO2qxuXHukvy:0fUOqxDNVUyuuv5bF2ODRvVLy/3vum2s

Score
8/10

Targets

    Score
    8/10
    • Stops running service(s)

    • Uses Session Manager for persistence

      Creates Session Manager registry key to run executable early in system boot.

    • Adds Run key to start application

    • Drops file in System32 directory
