General
Target: a8cb4ee765bf0466dd9a02dd22fc5d9a65e7250a1f924de417ab283d2a0a1054
Size: 211KB
Sample: 240524-b1fenage6z
MD5: 0622dbb63e1ea9a865dcc2862318646d
SHA1: c9bf1ea146228550404dc0f41aa51f64f0ec02ae
SHA256: a8cb4ee765bf0466dd9a02dd22fc5d9a65e7250a1f924de417ab283d2a0a1054
SHA512: 4468708bd56b9e1966a809525eab9cdc56a94cafc28ab47c7f8c89650ee17beec37de32c4f6117ec5be87c8d38b46e102d7b0f71a877e8953aaa606c33a3ac59
SSDEEP: 3072:vDEPeJlYW1ea8HKHSRUN3jjXs9Y+MiMVB/w68PEAjAfIrAvGPZz6sPJBIiFe/GcX:vSAl1IK1aY+MiMVBSeh
Static task: static1
Behavioral task: behavioral1
Sample: a8cb4ee765bf0466dd9a02dd22fc5d9a65e7250a1f924de417ab283d2a0a1054.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: a8cb4ee765bf0466dd9a02dd22fc5d9a65e7250a1f924de417ab283d2a0a1054.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: a8cb4ee765bf0466dd9a02dd22fc5d9a65e7250a1f924de417ab283d2a0a1054
Score: 10/10
Modifies WinLogon for persistence
Modifies visibility of hidden/system files in Explorer
Modifies Installed Components in the registry
Executes dropped EXE
Adds Run key to start application
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (3)
    Registry Run Keys / Startup Folder (2)
    Winlogon Helper DLL (1)
Privilege Escalation
  Boot or Logon Autostart Execution (3)
    Registry Run Keys / Startup Folder (2)
    Winlogon Helper DLL (1)