General

  • Target

    ad40c4e15565e5e3962fd54c8f7cc1eba646c25188db1a876cc6747e8589f254

  • Size

    206KB

  • Sample

    240624-bqeelswepl

  • MD5

    e2ba77cc58e9e927493399a11f23ccd5

  • SHA1

    5c87978b66971a42c10f425146b6ce965be49a07

  • SHA256

    ad40c4e15565e5e3962fd54c8f7cc1eba646c25188db1a876cc6747e8589f254

  • SHA512

    df3b2e4b0d24ec73fd91e5d3c1f19ccff6eeee1a5097f9b597cd9b5af23be8c31cb7a07dce7bb3ec79094dc7e24250431fcbbe3ee61896e6d67865af915f9d16

  • SSDEEP

    3072:5vEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6unjS:5vEN2U+T6i5LirrllHy4HUcMQY6T

Score
10/10

Targets

    • Modifies WinLogon for persistence

    • Modifies visibility of hidden/system files in Explorer

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15
