Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
5a3be66ef3388c282c62f690d770e08eee5ae4dd5c4d92178c4ef98553c00fea
-
Size
211KB
-
Sample
240521-28tv5adc8z
-
MD5
6b2e5a2bf4036c3ffa44573cf402952f
-
SHA1
324211705a5167abab90d39b2eca7279836891d9
-
SHA256
5a3be66ef3388c282c62f690d770e08eee5ae4dd5c4d92178c4ef98553c00fea
-
SHA512
2be1d9e476496b37033fc5840f5bba3900f9f7da6e476c6291806dc26d0b635141b95d2764f30f1732043cf3a4fbedace945b3c8a87fb4c70f36aee032fa3e70
-
SSDEEP
3072:dDEPeJlYW1ea8HKHSRUN3jjXs9Y+MiMVB/w68PEAjAfIrAvGPZz6sPJBIiFe/Gcu:dSAl1IK1aY+MiMVBSeI
Malware Config
Targets
-
-
Target
5a3be66ef3388c282c62f690d770e08eee5ae4dd5c4d92178c4ef98553c00fea
-
Size
211KB
-
MD5
6b2e5a2bf4036c3ffa44573cf402952f
-
SHA1
324211705a5167abab90d39b2eca7279836891d9
-
SHA256
5a3be66ef3388c282c62f690d770e08eee5ae4dd5c4d92178c4ef98553c00fea
-
SHA512
2be1d9e476496b37033fc5840f5bba3900f9f7da6e476c6291806dc26d0b635141b95d2764f30f1732043cf3a4fbedace945b3c8a87fb4c70f36aee032fa3e70
-
SSDEEP
3072:dDEPeJlYW1ea8HKHSRUN3jjXs9Y+MiMVB/w68PEAjAfIrAvGPZz6sPJBIiFe/Gcu:dSAl1IK1aY+MiMVBSeI
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1