General

  • Target

    bcb7cd0534216f33bc7296a4c6881323

  • Size

    39KB

  • Sample

    240309-y5qgrahh91

  • MD5

    bcb7cd0534216f33bc7296a4c6881323

  • SHA1

    ddeec897e56d93b8093826545855356bbf881c56

  • SHA256

    eb0914059110304a1534aa829cd5caa7d793a08956c4bc4cdce3fb1fa25098a4

  • SHA512

    7162768feeb6fb14d5785f52039ab8f427ac4eb2ed49dc2ac1bff592d0e4acfdc2482693c668f1990c32a7f040f0c9d5eed59ea3229891f9cd9957faee87263c

  • SSDEEP

    768:k9Bn2RpxSECWHVYgnqk6i4WUGCmaflH6t8VHjVnb/0D:kDn23xSvAVznq9i4HGChY0jVnjI

Malware Config

Targets

    • Target: bcb7cd0534216f33bc7296a4c6881323 (39KB; MD5, SHA1, SHA256, SHA512 and SSDEEP identical to the General section above)

    • Modifies WinLogon for persistence

      Persistence through the Winlogon key (typically the Shell or Userinit value under HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon) so the payload runs at every logon. The report does not show which value was written; check the registry events before writing a cleanup step.

    • UAC bypass

      The report names no specific bypass method. Treat this as a generic elevation signature and confirm the technique from the process tree and registry events rather than from the label alone.

    • Disables Task Manager via registry modification

      Typically DisableTaskMgr set to 1 under ...\Windows\CurrentVersion\Policies\System, which blocks the user from inspecting or killing the process.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer. Stock UPX leaves UPX0/UPX1 section names; a modified build may rename them or break the header, so a plain `upx -d` is not guaranteed to unpack the sample.

    • Adds Run key to start application

      Autostart via a ...\CurrentVersion\Run value, a second persistence path alongside the Winlogon change.

    • Checks whether UAC is enabled

      Reads the UAC policy state (EnableLUA) before acting. On its own this is reconnaissance, not a bypass.

    • Drops file in System32 directory

      Writing into System32 requires administrative rights, which is consistent with the UAC-related behaviours above; the report does not give the dropped file name.
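As an added example, not part of this report and not Triage's own signature code, the following Python reproduces two of the checks behind the behaviours listed above: a PE section-name walk for the UPX packing signature, and a classifier that maps registry set/query events to the Winlogon, Task Manager, Run key and UAC labels. The event dictionary shape, the registry key suffixes, the constructed header-only PE and the sample events are assumptions made for illustration; the report shows neither the raw registry events nor the dropped file name.

```python
"""Checks behind the UPX and registry-based behaviour labels in the report.

Added example; not Triage's own code. The registry event shape (dicts with
op/key/name/data) and all sample data below are constructed for illustration.
"""
import struct

# Section names written by stock UPX. Modified builds often rename them,
# so a name match is a weak indicator, not proof of packing.
UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2", b"UPX!", b".UPX0", b".UPX1"}

# Registry locations behind the behaviour names (general knowledge of the
# techniques, not values taken from this report). Matched case-insensitively
# on the key suffix so HKLM and HKCU variants both hit.
WINLOGON_SUFFIX = "\\currentversion\\winlogon"
POLICIES_SYSTEM_SUFFIX = "\\currentversion\\policies\\system"
RUN_SUFFIXES = ("\\currentversion\\run", "\\currentversion\\runonce")


def pe_section_names(data: bytes) -> list:
    """Return the section names of a PE image by walking the DOS, PE and COFF headers."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not a PE image: missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE image: missing PE signature")
    coff = e_lfanew + 4                           # IMAGE_FILE_HEADER follows the signature
    number_of_sections = struct.unpack_from("<H", data, coff + 2)[0]
    size_of_optional_header = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + size_of_optional_header   # IMAGE_FILE_HEADER is 20 bytes
    names = []
    for i in range(number_of_sections):
        entry = table + i * 40                    # each IMAGE_SECTION_HEADER is 40 bytes
        raw = data[entry:entry + 8]
        if len(raw) < 8:
            raise ValueError("truncated section table")
        names.append(raw.rstrip(b"\0"))
    return names


def is_upx_packed(data: bytes) -> bool:
    """True if any section carries a stock UPX name."""
    return any(name in UPX_SECTION_NAMES for name in pe_section_names(data))


def build_fake_pe(section_names) -> bytes:
    """Constructed header-only image to exercise the parser; not a runnable executable."""
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", 0x40)        # e_lfanew = 0x40
    # Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader (0 here), Characteristics
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0x0102)
    sections = b"".join(n.ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return dos + b"PE\0\0" + coff + sections


def classify_registry_events(events) -> set:
    """Map registry events to the behaviour labels used in the report.

    Each event is a dict {"op": "set" | "query", "key": str, "name": str, "data": ...}
    (shape assumed here). DisableTaskMgr only counts when it is actually set to 1.
    """
    labels = set()
    for ev in events:
        key, name = ev["key"].lower(), ev["name"].lower()
        if ev["op"] == "set":
            if key.endswith(WINLOGON_SUFFIX) and name in ("shell", "userinit"):
                labels.add("Modifies WinLogon for persistence")
            elif key.endswith(POLICIES_SYSTEM_SUFFIX) and name == "disabletaskmgr" and ev["data"] == 1:
                labels.add("Disables Task Manager via registry modification")
            elif key.endswith(RUN_SUFFIXES):
                labels.add("Adds Run key to start application")
        elif ev["op"] == "query":
            if key.endswith(POLICIES_SYSTEM_SUFFIX) and name == "enablelua":
                labels.add("Checks whether UAC is enabled")
    return labels


def triage(pe_data: bytes, events) -> list:
    """Combine both checks into one sorted label list."""
    labels = classify_registry_events(events)
    if is_upx_packed(pe_data):
        labels.add("UPX packed file")
    return sorted(labels)


# Constructed sample data, not taken from the report: a UPX-style section
# layout and the registry activity the listed signatures would fire on.
# "dropped.exe" is a placeholder name.
SAMPLE_PE = build_fake_pe([b"UPX0", b"UPX1", b".rsrc"])
SAMPLE_EVENTS = [
    {"op": "query", "key": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System",
     "name": "EnableLUA", "data": None},
    {"op": "set", "key": r"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon",
     "name": "Shell", "data": r"explorer.exe,C:\Windows\System32\dropped.exe"},
    {"op": "set", "key": r"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System",
     "name": "DisableTaskMgr", "data": 1},
    {"op": "set", "key": r"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",
     "name": "Updater", "data": r"C:\Windows\System32\dropped.exe"},
]

if __name__ == "__main__":
    for label in triage(SAMPLE_PE, SAMPLE_EVENTS):
        print(label)
```

The section-name check is deliberately narrow: a renamed UPX0/UPX1 defeats it, which is exactly the "modified UPX" case the report's signature description mentions, so pair it with entropy or an import-table size check when packing matters. The DisableTaskMgr rule requires the value to be 1 so that a write restoring 0 (a cleanup, not an attack) is not reported as the behaviour.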

MITRE ATT&CK Enterprise v15

Tasks