General

  • Target

    29fa128fdb68c4dd258f88f907dc865a

  • Size

    64KB

  • Sample

    231231-f5f9zadegp

  • MD5

    29fa128fdb68c4dd258f88f907dc865a

  • SHA1

    c1e130c2b973aba2a187ccd8e473829a0eddad8b

  • SHA256

    3f8f3a8fd4ee2f1a9c8874a9f3e90d9d5a05169f3fd7da9dc5311685d68d9f74

  • SHA512

    063045f6dc6bf5a4cf3099aa20215d44bb4d3895de73c0b07a56ce00423024422d4302615b33536c7d36cf61093622c622d6715e4dab60f03b1d0594c284df9c

  • SSDEEP

    1536:HxTDTC+THDx7XNIXAKAGMYf7NoPFSlj2:RTDTXTjxz2XAUf7N

Score
10/10

Targets

    • Target

      29fa128fdb68c4dd258f88f907dc865a

    Score
    10/10
    • Modifies security service

    • Windows security bypass

    • Looks for VMWare Tools registry key

    • Deletes itself

    • Executes dropped EXE

    • Windows security modification

    • Drops file in System32 directory
