General
Target: 9fdbb3ac2a3c9814f05abb98daac8de7d6bfbed4caa002c9b01e7777c1c8851d
Size: 2.6MB
Sample: 240424-xx8spafg46
MD5: 1e3a6a31db311756dde13aff8a860b99
SHA1: 37b51c0dae5dd2a82ef11c179037dfe682df4b13
SHA256: 9fdbb3ac2a3c9814f05abb98daac8de7d6bfbed4caa002c9b01e7777c1c8851d
SHA512: 5c4bee464970cb766a5fda0da84c2e8e9a9d01833a9e40fe5ba63690a550975a7e950f7176889c1afb03f391f9c2db53d8004be6c3f248bc9f2d4edef7807228
SSDEEP: 49152:TeS12nRc6C5CEAHD26ICQVt1ULUQRP6a6YPkCLJ37xbIjNyX5Hxzl/a:6S+c6ZEmqCMtmoQRP6aZtnsNq9l/a
Static task: static1
Behavioral task: behavioral1
Sample: 9fdbb3ac2a3c9814f05abb98daac8de7d6bfbed4caa002c9b01e7777c1c8851d.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 9fdbb3ac2a3c9814f05abb98daac8de7d6bfbed4caa002c9b01e7777c1c8851d.exe
Resource: win10v2004-20240412-en
Malware Config
Targets
Target: 9fdbb3ac2a3c9814f05abb98daac8de7d6bfbed4caa002c9b01e7777c1c8851d
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Drops file in System32 directory
Suspicious use of NtSetInformationThreadHideFromDebugger
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Scheduled Task/Job (1)
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Scheduled Task/Job (1)