General

  • Target

    2c9b02f70f403a77bf8bc134847eeaf5

  • Size

    3.7MB

  • Sample

    231231-ht7nwsbhej

  • MD5

    2c9b02f70f403a77bf8bc134847eeaf5

  • SHA1

    aae89f708e380c270c0495491ab10e696920d5d8

  • SHA256

    eb4f5975f3707dd4747816a1df8ae426c53fa74ff5655fb735f65eac77312193

  • SHA512

    5a987dc54c1c4233f2fbe86feb0b8c926b3a72a162675600b34706bd995d0b4178d6035e001b253366f981feb6909f7c190e3f0568eb46f12c056093338d938f

  • SSDEEP

    98304:lWZ+WFlt0g9nfsTDTTa2zMiA4dHjrmtsxw9nn:luDj0g96nNzMiA4hmOw9n

Score
8/10

Targets

    • Modifies Windows Firewall

    • Stops running service(s)

    • Uses Session Manager for persistence

      Creates Session Manager registry key to run executable early in system boot.

    • Adds Run key to start application

    • Drops file in System32 directory
