Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
bcb7cd0534216f33bc7296a4c6881323
-
Size
39KB
-
Sample
240309-y5qgrahh91
-
MD5
bcb7cd0534216f33bc7296a4c6881323
-
SHA1
ddeec897e56d93b8093826545855356bbf881c56
-
SHA256
eb0914059110304a1534aa829cd5caa7d793a08956c4bc4cdce3fb1fa25098a4
-
SHA512
7162768feeb6fb14d5785f52039ab8f427ac4eb2ed49dc2ac1bff592d0e4acfdc2482693c668f1990c32a7f040f0c9d5eed59ea3229891f9cd9957faee87263c
-
SSDEEP
768:k9Bn2RpxSECWHVYgnqk6i4WUGCmaflH6t8VHjVnb/0D:kDn23xSvAVznq9i4HGChY0jVnjI
Malware Config
Targets
-
-
Target
bcb7cd0534216f33bc7296a4c6881323
-
Size
39KB
-
MD5
bcb7cd0534216f33bc7296a4c6881323
-
SHA1
ddeec897e56d93b8093826545855356bbf881c56
-
SHA256
eb0914059110304a1534aa829cd5caa7d793a08956c4bc4cdce3fb1fa25098a4
-
SHA512
7162768feeb6fb14d5785f52039ab8f427ac4eb2ed49dc2ac1bff592d0e4acfdc2482693c668f1990c32a7f040f0c9d5eed59ea3229891f9cd9957faee87263c
-
SSDEEP
768:k9Bn2RpxSECWHVYgnqk6i4WUGCmaflH6t8VHjVnb/0D:kDn23xSvAVznq9i4HGChY0jVnjI
Score10/10-
Modifies WinLogon for persistence
-
UAC bypass
-
Disables Task Manager via registry modification
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
1Winlogon Helper DLL
1Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
1Winlogon Helper DLL
1