Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

boo.txt

windows7-x64

8

boo.txt

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    boo.txt

  • Size

    42B

  • Sample

    240220-mgmkeafe49

  • MD5

    79203b6e913913b40a9affd2e29ea25a

  • SHA1

    ab42817b85516533bfe8a13bef1a3f165527e4b1

  • SHA256

    16921122c5bd3e497de9c75871f9dc07adfc0c132952d339b40698cdc759ffb7

  • SHA512

    49bdd0489cf7456376e97aecd9a1cf85419e418fbae3642017df025f6f12f2c766c8dc3c7b0b231951c9eed5849e9f59a4fb8a31f9d47a0ead093f974172c36f

Score
8/10
discoverypersistence

Malware Config

Targets

    • Target

      boo.txt

    • Size

      42B

    • MD5

      79203b6e913913b40a9affd2e29ea25a

    • SHA1

      ab42817b85516533bfe8a13bef1a3f165527e4b1

    • SHA256

      16921122c5bd3e497de9c75871f9dc07adfc0c132952d339b40698cdc759ffb7

    • SHA512

      49bdd0489cf7456376e97aecd9a1cf85419e418fbae3642017df025f6f12f2c766c8dc3c7b0b231951c9eed5849e9f59a4fb8a31f9d47a0ead093f974172c36f

    Score
    8/10
    discoverypersistence

    • Downloads MZ/PE file

    • Sets file execution options in registry

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Registers COM server for autorun

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Checks system information in the registry

      System information is often read in order to detect sandboxing environments.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks