General
-
Target
aaddcb0a5d7993bd1da7b9e5d999c72984ef571d5cd1269087e5fc6210c60a7a
-
Size
741KB
-
Sample
240629-bqjdkaxeka
-
MD5
296d46df103012c3bb0c64bd262b532e
-
SHA1
8409505d00f4356a257ada95e3991a0c828522f7
-
SHA256
aaddcb0a5d7993bd1da7b9e5d999c72984ef571d5cd1269087e5fc6210c60a7a
-
SHA512
1145936f13795b1a549dda2d9f60ef84d131db71db59dbb04710db4cf6f2ee252c0559027b8d895fed0993ae5335e49701768f80e22cd979f507b8209b5aa72a
-
SSDEEP
12288:ltTuhrf45I8jWtJ8OgL27rd69bk5NCgGhSFB79gYhLIf6EQ9EYcw1Fj:lIt4kt0Kd6F6CNzYhUiEWEYcwb
Static task
static1
Behavioral task
behavioral1
Sample
aaddcb0a5d7993bd1da7b9e5d999c72984ef571d5cd1269087e5fc6210c60a7a.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
aaddcb0a5d7993bd1da7b9e5d999c72984ef571d5cd1269087e5fc6210c60a7a.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
aaddcb0a5d7993bd1da7b9e5d999c72984ef571d5cd1269087e5fc6210c60a7a
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Scheduled Task/Job: 1
Scheduled Task: 1
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Scheduled Task/Job: 1
Scheduled Task: 1