Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
25a2e9e53faa01b037238a4834387da2
-
Size
3.1MB
-
Sample
231231-dkh7qadfcq
-
MD5
25a2e9e53faa01b037238a4834387da2
-
SHA1
0c01d526a60119d23fab35532425248d58e4270d
-
SHA256
039c163b84e799dc7bb23021d74c20185f2bd826cbb4a1e0035991578637ee5d
-
SHA512
2ec5ea4036267b3f917cab584bea51a98821dbaa9fbc440fa6028b9a36dbca3c8072e093e2d4fd297291cdcc138d2f11be67c1fea07b8a44896d992f57eef233
-
SSDEEP
98304:o2mhtXP+pTDCrmHZ9Gy7dWHQJIuULiVzxDXwZjUEDYZT+FVim4e:aaTG6HzfznbCfDxVite
Malware Config
Targets
-
-
Target
25a2e9e53faa01b037238a4834387da2
-
Size
3.1MB
-
MD5
25a2e9e53faa01b037238a4834387da2
-
SHA1
0c01d526a60119d23fab35532425248d58e4270d
-
SHA256
039c163b84e799dc7bb23021d74c20185f2bd826cbb4a1e0035991578637ee5d
-
SHA512
2ec5ea4036267b3f917cab584bea51a98821dbaa9fbc440fa6028b9a36dbca3c8072e093e2d4fd297291cdcc138d2f11be67c1fea07b8a44896d992f57eef233
-
SSDEEP
98304:o2mhtXP+pTDCrmHZ9Gy7dWHQJIuULiVzxDXwZjUEDYZT+FVim4e:aaTG6HzfznbCfDxVite
Score8/10-
Modifies Windows Firewall
-
Stops running service(s)
-
Uses Session Manager for persistence
Creates Session Manager registry key to run executable early in system boot.
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
2Create or Modify System Process
2Windows Service
2Scheduled Task/Job
1