General

  • Target

    7d04d9c582590db215169327b3c95170_NEAS

  • Size

    65KB

  • Sample

    240507-gwe6zscd2t

  • MD5

    7d04d9c582590db215169327b3c95170

  • SHA1

    16131d62ef948938e0b8afb72d581c90eaaa8996

  • SHA256

    77fb0809e2c9f40140a30339dbe85b64a6ad86de52f965fd077a8e4151b965ad

  • SHA512

    2fccddb1c541d3883229d36ee283fe169725fda95b1222e6c9ad5ccb2af23407b8195b6fac402722eb75db08880a5255bdd275f2a3e2d88ec710990ae865e264

  • SSDEEP

    1536:ECq3yRuqrI01eArdW/O7JnI2e13XiLij40MkTUVqa/OuB:7WNqkOJWmo1HpM0MkTUmuB

Targets

    • Target

      7d04d9c582590db215169327b3c95170_NEAS

    • Detects BazaLoader malware

      BazaLoader is a trojan that transmits logs to the Command and Control (C2) server, encoding them in BASE64 format through GET requests.

    • Modifies WinLogon for persistence

    • Modifies visibility of hidden/system files in Explorer

    • Modifies Installed Components in the registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
