General

  • Target

    login

  • Size

    26KB

  • Sample

    240620-czn6vaybpr

  • MD5

    bcdeabeb39d67b302a73acfd8837d409

  • SHA1

    a466409c9b48e8d9bc55994f407ddf8fa67e3996

  • SHA256

    843e83ec5baf168092655fce86dcd43de64f501ad6539f2fa8bf12842846428b

  • SHA512

    504ab9c863518b5550592178b99d12fd75d85f226be696ad5d1b961ba188e2e0e21020481491e14e12883f2ba381f4df628ba45f172c977ac963810e3fbc314c

  • SSDEEP

    384:cxm5v477sGGzK+TpQn7M9cyqy/f2f/Yb6WiZjuulffGfMfl/z3syZj5XCqzGX3Q:X/+scm2f/Yb6H9uul3UWl/7syZ9x

Targets

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops file in System32 directory
