Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
16689be3215ee390deda67e00a8cab59
-
Size
16KB
-
Sample
231230-mw6a3acegl
-
MD5
16689be3215ee390deda67e00a8cab59
-
SHA1
2df0a5b98dcfaa0d0d9678ab0fcf8c026312c7f5
-
SHA256
7b77ef5b296a0a3b1bec825ced9a82654af18632fdcd71ef661a10ed738518ec
-
SHA512
1c3a8c4afbea41329fc6db0fd2f45ce1ecaee4164690b46f9f17fd64e6479fc60721e3082d65cb529abb2d4efdfb3b677b6575671bcb0373b7feba9fec06c241
-
SSDEEP
192:NinxVCvaadYvE5DjMFXkVzvaNqkoPzcNSPYMdp7z4VL9ZXgzm3BEmTi7KvJ/:wnxkinE5qkVziIkymSwzZwzNkiK/
Behavioral task
behavioral1
Sample
16689be3215ee390deda67e00a8cab59.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
16689be3215ee390deda67e00a8cab59.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
16689be3215ee390deda67e00a8cab59
-
Size
16KB
-
MD5
16689be3215ee390deda67e00a8cab59
-
SHA1
2df0a5b98dcfaa0d0d9678ab0fcf8c026312c7f5
-
SHA256
7b77ef5b296a0a3b1bec825ced9a82654af18632fdcd71ef661a10ed738518ec
-
SHA512
1c3a8c4afbea41329fc6db0fd2f45ce1ecaee4164690b46f9f17fd64e6479fc60721e3082d65cb529abb2d4efdfb3b677b6575671bcb0373b7feba9fec06c241
-
SSDEEP
192:NinxVCvaadYvE5DjMFXkVzvaNqkoPzcNSPYMdp7z4VL9ZXgzm3BEmTi7KvJ/:wnxkinE5qkVziIkymSwzZwzNkiK/
Score10/10-
Modifies visibility of file extensions in Explorer
-
Modifies visiblity of hidden/system files in Explorer
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
Disables use of System Restore points
-
Drops file in Drivers directory
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Modifies WinLogon
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Hide Artifacts
2Hidden Files and Directories
2Impair Defenses
1Disable or Modify Tools
1Modify Registry
8