General
Target: MrsMajor2.0.bin.zip
Size: 24.0MB
Sample: 240415-31jwmabg94
MD5: 82faca51fa050743351ba4db3d789d3f
SHA1: 72c09ce303d2431568d5bae45060678af373a9a0
SHA256: 6f1bdf0ca70d93ed6756b2239bca7e077817ff30c31a9024222478add654caec
SHA512: 6c0e1e034493f868d15aa4d8a719d4034f32abe5de29a7db75a2560874e37e008a6bd19ef4e7be14dc155437be0ababc3b8a91d1d9349be4f030224cfc0ef7cb
SSDEEP: 393216:A/7tMMtCa2fL1RJf5aTP3H/0+BvrMJIMys0xpSH/19rXXVqyUvjHx9XRbrXEfOm:wn6zZ5yFvrWIZtGVqyU7HbX2N
Static task: static1
Behavioral task: behavioral1
  Sample: MrsMajor2.0.exe
  Resource: win7-20240215-en
Malware Config
Targets
Target: MrsMajor2.0.bin
Size: 25.6MB
MD5: 247a35851fdee53a1696715d67bd0905
SHA1: d2e86020e1d48e527e81e550f06c651328bd58a4
SHA256: 5dd4ea169cabf9226f54bb53e63ea6a1b5880a0d1222242aee378efb6255b57d
SHA512: a173801aaef4fab608d99b52223b5b2400d69b91edcbf33c21fcb47bd832eef9d771dfd36da350a502a371ed1739c869a7c2b4dca456c93f2feed9ac9c647c7c
SSDEEP: 786432:7VQ4fX8siQIZwastE9oGH5UcnaAVBmn163+L2:7ywXwdwRQo2O1L2
Score: 10/10
- Modifies WinLogon for persistence
- Disables RegEdit via registry modification
- Disables Task Manager via registry modification
- Possible privilege escalation attempt
- Executes dropped EXE
- Modifies file permissions
- Modifies system executable filetype association
- Adds Run key to start application
- Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (2)
    Registry Run Keys / Startup Folder (1)
    Winlogon Helper DLL (1)
  Event Triggered Execution (1)
    Change Default File Association (1)
Privilege Escalation
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)
  Boot or Logon Autostart Execution (2)
    Registry Run Keys / Startup Folder (1)
    Winlogon Helper DLL (1)
  Event Triggered Execution (1)
    Change Default File Association (1)