General

  • Target

    b4f52848c48aea663e5344e33a1b087a

  • Size

    609KB

  • Sample

    240305-r5lp8sac37

  • MD5

    b4f52848c48aea663e5344e33a1b087a

  • SHA1

    952e076be5498fcbb41123070c5a297c329e2395

  • SHA256

    25510d20b983dbfc0443684dd1674192cb32b9ab06a2ab9e67e2db6f99ead154

  • SHA512

    5e78c19e2084ae3c9f90be86e4458ded13cea66f2185bc26637a2b00f8ff57d5d1da09ed99f47b981e59815ef63ee7d10ffb506157b178e95fa56356e8dc997e

  • SSDEEP

    12288:BLcKp2Adls/rnjs7RLKslAmJSv4KMwUU9d8Kb6a:CK2GsD4RLTlzJSv4sGKGa

Score
10/10

Malware Config

Targets

    • Target

      b4f52848c48aea663e5344e33a1b087a

    Score
    10/10
    • Modifies WinLogon for persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks