General

  • Target

    25a2e9e53faa01b037238a4834387da2

  • Size

    3.1MB

  • Sample

    231231-dkh7qadfcq

  • MD5

    25a2e9e53faa01b037238a4834387da2

  • SHA1

    0c01d526a60119d23fab35532425248d58e4270d

  • SHA256

    039c163b84e799dc7bb23021d74c20185f2bd826cbb4a1e0035991578637ee5d

  • SHA512

    2ec5ea4036267b3f917cab584bea51a98821dbaa9fbc440fa6028b9a36dbca3c8072e093e2d4fd297291cdcc138d2f11be67c1fea07b8a44896d992f57eef233

  • SSDEEP

    98304:o2mhtXP+pTDCrmHZ9Gy7dWHQJIuULiVzxDXwZjUEDYZT+FVim4e:aaTG6HzfznbCfDxVite

Score
8/10

Malware Config

Targets

    • Target

      25a2e9e53faa01b037238a4834387da2

    Score
    8/10
    • Modifies Windows Firewall

    • Stops running service(s)

    • Uses Session Manager for persistence

      Creates Session Manager registry key to run executable early in system boot.

    • Adds Run key to start application

    • Drops file in System32 directory
