General
Target: c7c6b5398c5411835112fed2d4169c76f07f4850c920d17f692df14aac7fa3ed
Size: 741KB
Sample: 240617-clgvlszbnh
MD5: 1d27448a1cb8c95ab3839ce58cf1c469
SHA1: 2fec19da397b24020835d821b4c617c30172e06f
SHA256: c7c6b5398c5411835112fed2d4169c76f07f4850c920d17f692df14aac7fa3ed
SHA512: 0c2fc5e27009ffebeeb201473ee155bf21648752954a2e1d6b8d651c008d94f3cea1ad678f8bc2fcd3d8c1f00db9695e90ee0a6b3c7c4053c51718c245046dee
SSDEEP: 12288:ltTuhrf45I8jWtJ8OgL27rd69bk5NCgGhSFB79gYhLIf6EQ9EYcw1Fc:lIt4kt0Kd6F6CNzYhUiEWEYcwU
Static task: static1
Behavioral task: behavioral1
Sample: c7c6b5398c5411835112fed2d4169c76f07f4850c920d17f692df14aac7fa3ed.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: c7c6b5398c5411835112fed2d4169c76f07f4850c920d17f692df14aac7fa3ed.exe
Resource: win10v2004-20240611-en
Malware Config
Targets
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Drops file in System32 directory
Suspicious use of NtSetInformationThreadHideFromDebugger
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Scheduled Task/Job (1)
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Scheduled Task/Job (1)