General

  • Target

    53b233c6c23409aa87d7982565849165.exe

  • Size

    166KB

  • Sample

    240111-ywy3jagbb6

  • MD5

    53b233c6c23409aa87d7982565849165

  • SHA1

    f3b0d0f6869a017892d7838d60fa9738d648d0e5

  • SHA256

    f2db305bb87e418623361ca81fc600864d14e270f3b23a4a0248b9ada86c1543

  • SHA512

    2f2fa21b020fcc3b9f76b2874c74b0a37cf4c7da96dab5111bc3fa481bd767bcd503a476998fc1d0daf5cb5b2b315124c71486ef33325279670eafd55fdb1ef0

  • SSDEEP

    3072:pTU56gVxj27NevROEuPvisOpkTv7L2GQ6uE:G4wRj+qYvW4uE

Targets

    • Target

      53b233c6c23409aa87d7982565849165.exe

    • Size

      166KB

    • Modifies WinLogon for persistence

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
