Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
9b4a50c559c96489800d8934776635587ec5530c590a315630dc6ae1a29778df
-
Size
70KB
-
Sample
240723-a4cmhaxfmh
-
MD5
6c06b836e788b36769e7a3b2dbedb631
-
SHA1
de5e91e4469f8e3e206fb211eada24961ca653f6
-
SHA256
9b4a50c559c96489800d8934776635587ec5530c590a315630dc6ae1a29778df
-
SHA512
bbd9a15b771e98913b3df307f8f6cc3573497895bef218f90ccfb3c55816636c3b8878180cbde06e81e40d8737252fda955c075f203ea6caeb8034630a9914f3
-
SSDEEP
768:x/nGhX+OZMUpVzJKsMIWqH3N7GLCMa7kmewpUn/LwSUBPkvgjzkQyTDbAFd2Pm5W:xYX+EMU/zobY39qoowSUBPkzQyzAsGE/
Malware Config
Targets
-
-
Target
9b4a50c559c96489800d8934776635587ec5530c590a315630dc6ae1a29778df
-
Size
70KB
-
MD5
6c06b836e788b36769e7a3b2dbedb631
-
SHA1
de5e91e4469f8e3e206fb211eada24961ca653f6
-
SHA256
9b4a50c559c96489800d8934776635587ec5530c590a315630dc6ae1a29778df
-
SHA512
bbd9a15b771e98913b3df307f8f6cc3573497895bef218f90ccfb3c55816636c3b8878180cbde06e81e40d8737252fda955c075f203ea6caeb8034630a9914f3
-
SSDEEP
768:x/nGhX+OZMUpVzJKsMIWqH3N7GLCMa7kmewpUn/LwSUBPkvgjzkQyTDbAFd2Pm5W:xYX+EMU/zobY39qoowSUBPkzQyzAsGE/
Score10/10-
Windows security bypass
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Event Triggered Execution: Image File Execution Options Injection
-
Executes dropped EXE
-
Loads dropped DLL
-
Windows security modification
-
Modifies WinLogon
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Active Setup
1Winlogon Helper DLL
1Event Triggered Execution
1Image File Execution Options Injection
1