Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
573449aee41dada8315245de9c17f96d
-
Size
3.1MB
-
Sample
240112-w98ssadden
-
MD5
573449aee41dada8315245de9c17f96d
-
SHA1
3f134e9e4df7146c6e572069f5d6623d5dc7d200
-
SHA256
1002b595d5153ea888a23b3d5253105fb8e30d94bf9bfc4544f8094a1d849948
-
SHA512
4f30ba1b60dd7a82eccbe443fe0049e4b360d27ea518f3a0a61a7e2a7a5bd967c58739cb165a16fb0e3e129718b9afae78f3fc0a063a2ec4a874d410ab3947ec
-
SSDEEP
98304:QEmhtXP+pTDCrmHZ9Gy7dWHQJIuULiVzxDXwZjUEDYZT+UVim4e:UaTG6HzfznbCfDAVite
Malware Config
Targets
-
-
Target
573449aee41dada8315245de9c17f96d
-
Size
3.1MB
-
MD5
573449aee41dada8315245de9c17f96d
-
SHA1
3f134e9e4df7146c6e572069f5d6623d5dc7d200
-
SHA256
1002b595d5153ea888a23b3d5253105fb8e30d94bf9bfc4544f8094a1d849948
-
SHA512
4f30ba1b60dd7a82eccbe443fe0049e4b360d27ea518f3a0a61a7e2a7a5bd967c58739cb165a16fb0e3e129718b9afae78f3fc0a063a2ec4a874d410ab3947ec
-
SSDEEP
98304:QEmhtXP+pTDCrmHZ9Gy7dWHQJIuULiVzxDXwZjUEDYZT+UVim4e:UaTG6HzfznbCfDAVite
Score8/10-
Modifies Windows Firewall
-
Stops running service(s)
-
Uses Session Manager for persistence
Creates Session Manager registry key to run executable early in system boot.
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
2Create or Modify System Process
2Windows Service
2Scheduled Task/Job
1