General
-
Target
ca253fb4e89eed7ebbb3bcb1d3e464f3
-
Size
76KB
-
Sample
240315-b1h6jsfd63
-
MD5
ca253fb4e89eed7ebbb3bcb1d3e464f3
-
SHA1
8ed3bfcf300ddd2425003810788a7e48bb5b2183
-
SHA256
c8bc90dc83a2fed281b5c3c28da35d887acaf6e94b0f85fe4d9ba5951e8178be
-
SHA512
5da6a872c4d54ef12ee48469c41d058777dc740b23c25db3e13f6b9ebcb8d3b3b16b72b506ff5e8b3f9ce950d016202946a2f0275558c92a591360ef8ffd6aeb
-
SSDEEP
1536:vN6hyawjWVk6UFKjz7/6TJmZkYZ6RwyOWXawCZaIlb50IFuCsXdr5:ghZz7/6T0kVaEIt53FuxN
Static task
static1
Behavioral task
behavioral1
Sample
ca253fb4e89eed7ebbb3bcb1d3e464f3.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
ca253fb4e89eed7ebbb3bcb1d3e464f3.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
ca253fb4e89eed7ebbb3bcb1d3e464f3
Score
10/10
-
Modifies WinLogon for persistence
-
Modifies firewall policy service
-
Disables RegEdit via registry modification
-
Drops file in Drivers directory
-
Drops startup file
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (2)
Registry Run Keys / Startup Folder (1)
Winlogon Helper DLL (1)
Create or Modify System Process (1)
Windows Service (1)