Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
18f2ebb24e6145800c8a1667651c010685034616ab5c4a3de9ae08f390ad6956
-
Size
480KB
-
Sample
240608-ybcnssfc3w
-
MD5
454426d051225d4ee7d0ff11a660e770
-
SHA1
6eb9b7b40ecc59693ca002875c62ca90e927f16b
-
SHA256
18f2ebb24e6145800c8a1667651c010685034616ab5c4a3de9ae08f390ad6956
-
SHA512
1dd582542cc2fa93061c8493909b5827d30e57470c6f464c50d691cfebc85c5bf10e9d524c3657ded837d58bc373e276ca7468530a12ad3529fb33115378e76e
-
SSDEEP
6144:pjFRiOcXH6XWD0w1tizmtnktLJ6znvxNcCI+1jDIlnJ9+1aTEPTnOK4JKElDnyXk:nRDc3yWDNU+YUznzNjElWaT07NQtD4k
Malware Config
Targets
-
-
Target
18f2ebb24e6145800c8a1667651c010685034616ab5c4a3de9ae08f390ad6956
-
Size
480KB
-
MD5
454426d051225d4ee7d0ff11a660e770
-
SHA1
6eb9b7b40ecc59693ca002875c62ca90e927f16b
-
SHA256
18f2ebb24e6145800c8a1667651c010685034616ab5c4a3de9ae08f390ad6956
-
SHA512
1dd582542cc2fa93061c8493909b5827d30e57470c6f464c50d691cfebc85c5bf10e9d524c3657ded837d58bc373e276ca7468530a12ad3529fb33115378e76e
-
SSDEEP
6144:pjFRiOcXH6XWD0w1tizmtnktLJ6znvxNcCI+1jDIlnJ9+1aTEPTnOK4JKElDnyXk:nRDc3yWDNU+YUznzNjElWaT07NQtD4k
Score10/10-
Modifies firewall policy service
-
Adds policy Run key to start application
-
Sets service image path in registry
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
3Create or Modify System Process
1Windows Service
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
3Create or Modify System Process
1Windows Service
1