Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
04b66998158d55722562b37875128cad
-
Size
5.3MB
-
Sample
231229-1kntjaffhk
-
MD5
04b66998158d55722562b37875128cad
-
SHA1
f2034598921528f96b8f9e5059e17b384d887049
-
SHA256
91842fb7fa1c1ff89ccbf7f22013609ecdf520bd4fc5e9e382c0c8615d22b784
-
SHA512
bd9cec1f5088a93f69dcb0f0bda721bdd006bd4ccdba0eb1f5239291f246528d7a44550790af6f631d99114999f9f6c31b18dea3732dbc41e5aefc8629600c4b
-
SSDEEP
98304:0fR9XUg1XGTOq/pDi2mgJtNI3ykcKKpvIl8jb+S2bSF9kyIeROE7VO2qxuXHukvy:0fUOqxDNVUyuuv5bF2ODRvVLy/3vum2s
Malware Config
Targets
-
-
Target
04b66998158d55722562b37875128cad
-
Size
5.3MB
-
MD5
04b66998158d55722562b37875128cad
-
SHA1
f2034598921528f96b8f9e5059e17b384d887049
-
SHA256
91842fb7fa1c1ff89ccbf7f22013609ecdf520bd4fc5e9e382c0c8615d22b784
-
SHA512
bd9cec1f5088a93f69dcb0f0bda721bdd006bd4ccdba0eb1f5239291f246528d7a44550790af6f631d99114999f9f6c31b18dea3732dbc41e5aefc8629600c4b
-
SSDEEP
98304:0fR9XUg1XGTOq/pDi2mgJtNI3ykcKKpvIl8jb+S2bSF9kyIeROE7VO2qxuXHukvy:0fUOqxDNVUyuuv5bF2ODRvVLy/3vum2s
Score8/10-
Stops running service(s)
-
Uses Session Manager for persistence
Creates Session Manager registry key to run executable early in system boot.
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
2Create or Modify System Process
1Windows Service
1Scheduled Task/Job
1