General
Target: c9b924e833a8196e85215a4de2b2dac97a615050e1542a483703011a3bcf7083
Size: 65KB
Sample: 240609-lf16qsgf8x
MD5: aa531d6157cc02a3909d85d3f38a12c8
SHA1: 08cb365b3c3143eaae2236841f6f2aa0d33e8565
SHA256: c9b924e833a8196e85215a4de2b2dac97a615050e1542a483703011a3bcf7083
SHA512: 64b0b10c7ab71e0084614d9967b2e80bbd45a8794adb2ad13f0449c12d0ef73c49e17f68408d035f9b773f690a3b1ba48290d642a32c9bf0b4391e218ee3fc28
SSDEEP: 1536:ECq3yRuqrI01eArdW/O7JnI2e13XiLij40MkTUVqa/Oun:7WNqkOJWmo1HpM0MkTUmun
Static task: static1
Behavioral task: behavioral1
Sample: c9b924e833a8196e85215a4de2b2dac97a615050e1542a483703011a3bcf7083.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: c9b924e833a8196e85215a4de2b2dac97a615050e1542a483703011a3bcf7083.exe
Resource: win10v2004-20240426-en
Malware Config
Targets
Target
c9b924e833a8196e85215a4de2b2dac97a615050e1542a483703011a3bcf7083
Score: 10/10
Modifies WinLogon for persistence
Modifies visibility of hidden/system files in Explorer
Modifies Installed Components in the registry
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (3)
Registry Run Keys / Startup Folder (2)
Winlogon Helper DLL (1)
Privilege Escalation
Boot or Logon Autostart Execution (3)
Registry Run Keys / Startup Folder (2)
Winlogon Helper DLL (1)