General

  • Target

    virussign.com_0cc00487cd4d1de76ca624061f694a30.vir

  • Size

    44KB

  • Sample

    240528-ya8pvaad66

  • MD5

    0cc00487cd4d1de76ca624061f694a30

  • SHA1

    dcc5cab635d1c1e17f43df850c7da10904465de2

  • SHA256

    2549370a764d632dd587ed5fff9071f19ae430ce909f383b74cfac70d5422435

  • SHA512

    4f725dcf6f5988c13935c8b6cd3981a218f2b696a5fd3b622c10270a02127b7e805368b272468bcfe954adda48ea3d099f8b5a6f36ba96de8dbb0827af535c09

  • SSDEEP

    768:WAUJmQCcmLCXQq6fsKiJYsIkjJVzqsVG5kuGVAQvKMb7r6:RUNHFKQbIkHvGkAFu7+

Malware Config

Targets

    • Windows security bypass

    • Drops file in Drivers directory

    • Modifies Installed Components in the registry

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Modifies WinLogon

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks