Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
00c3fda4ff09940ca177d13c0bb3f187
-
Size
422KB
-
Sample
231229-xbpspafhg8
-
MD5
00c3fda4ff09940ca177d13c0bb3f187
-
SHA1
eb366e746c352d9b55661f46a57d44990162b808
-
SHA256
38b9b8ce46960c89911829a3d09c9fa2f61fd8a9a634f4293cc625dcf65803b3
-
SHA512
7eb0f82ed64e1c5071b276cf478754f9163ab70d45eb7f1888175de2db701e8a6378fb661440d0212137302fa8059d2a40db019b28ac196a2bace19898984faf
-
SSDEEP
6144:3/2aLWp4E0ETZY1T23Eu0i67n4+f74PEAh2g/JS8A77iiYce47jstv6DJg:3/2MWZZJUpi64i4PT5Ipnre4soDO
Malware Config
Targets
-
-
Target
00c3fda4ff09940ca177d13c0bb3f187
-
Size
422KB
-
MD5
00c3fda4ff09940ca177d13c0bb3f187
-
SHA1
eb366e746c352d9b55661f46a57d44990162b808
-
SHA256
38b9b8ce46960c89911829a3d09c9fa2f61fd8a9a634f4293cc625dcf65803b3
-
SHA512
7eb0f82ed64e1c5071b276cf478754f9163ab70d45eb7f1888175de2db701e8a6378fb661440d0212137302fa8059d2a40db019b28ac196a2bace19898984faf
-
SSDEEP
6144:3/2aLWp4E0ETZY1T23Eu0i67n4+f74PEAh2g/JS8A77iiYce47jstv6DJg:3/2MWZZJUpi64i4PT5Ipnre4soDO
Score10/10-
Modifies WinLogon for persistence
-
Modifies security service
-
Modifies Installed Components in the registry
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Create or Modify System Process
1Windows Service
1