Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
3fb22cfc3e2c18514a65cb7ba37b2210N.exe
-
Size
68KB
-
Sample
240722-bz9xwavaqh
-
MD5
3fb22cfc3e2c18514a65cb7ba37b2210
-
SHA1
618e00e1eeff13fca25dadc7fe64f6fa7c1cc114
-
SHA256
794803db33e0aad8a5e3f76842f7c929ef630a2ef49c7111e5102e6f0837abc0
-
SHA512
fb74c5d8301ec2729b72c1d4b5dabb36aedff6fa9e95f265c57edcc18c501850570c56f04f517e374e1646b1ce3ce3676c82a0865417b817436b5b1b819ee560
-
SSDEEP
1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1Hw8q:Olg35GTslA5t3/w8q
Malware Config
Targets
-
-
Target
3fb22cfc3e2c18514a65cb7ba37b2210N.exe
-
Size
68KB
-
MD5
3fb22cfc3e2c18514a65cb7ba37b2210
-
SHA1
618e00e1eeff13fca25dadc7fe64f6fa7c1cc114
-
SHA256
794803db33e0aad8a5e3f76842f7c929ef630a2ef49c7111e5102e6f0837abc0
-
SHA512
fb74c5d8301ec2729b72c1d4b5dabb36aedff6fa9e95f265c57edcc18c501850570c56f04f517e374e1646b1ce3ce3676c82a0865417b817436b5b1b819ee560
-
SSDEEP
1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1Hw8q:Olg35GTslA5t3/w8q
Score10/10-
Windows security bypass
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Event Triggered Execution: Image File Execution Options Injection
-
Executes dropped EXE
-
Loads dropped DLL
-
Windows security modification
-
Modifies WinLogon
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Active Setup
1Winlogon Helper DLL
1Event Triggered Execution
1Image File Execution Options Injection
1