Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
fbff7ade992382218f027c524eadcc08c0c2f9d1540e1104bfc52df7ef777e49
-
Size
211KB
-
Sample
240422-f5g69sgc98
-
MD5
123595dbb144cdf5b16c0ca6fd605a8e
-
SHA1
a0fbaefdc45c4998df189ff1ed8a1275dcf9340a
-
SHA256
fbff7ade992382218f027c524eadcc08c0c2f9d1540e1104bfc52df7ef777e49
-
SHA512
fb28bc28928222771919925e9549e4f7f92deda86ee9bb185cd6f6afe3576f7d9cd013bebc0b4dca7307e4414981dabc9abb8d4ed1328ed3eec5246a023d6f3c
-
SSDEEP
3072:WD6Xtx68yygRBE52mxkEOHLRMpZ4deth8PEAjAfIbAYGPhz6sPJBInxZqOQ:Wh8cBzHLRMpZ4d1ZQ
Malware Config
Targets
-
-
Target
fbff7ade992382218f027c524eadcc08c0c2f9d1540e1104bfc52df7ef777e49
-
Size
211KB
-
MD5
123595dbb144cdf5b16c0ca6fd605a8e
-
SHA1
a0fbaefdc45c4998df189ff1ed8a1275dcf9340a
-
SHA256
fbff7ade992382218f027c524eadcc08c0c2f9d1540e1104bfc52df7ef777e49
-
SHA512
fb28bc28928222771919925e9549e4f7f92deda86ee9bb185cd6f6afe3576f7d9cd013bebc0b4dca7307e4414981dabc9abb8d4ed1328ed3eec5246a023d6f3c
-
SSDEEP
3072:WD6Xtx68yygRBE52mxkEOHLRMpZ4deth8PEAjAfIbAYGPhz6sPJBInxZqOQ:Wh8cBzHLRMpZ4d1ZQ
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1