General

  • Target

    ee96180fc4ca29c3be3a32228a5ec8e8f078f4666b350fbe169eaf16e1295a6a

  • Size

    69KB

  • Sample

    240724-e8qr5s1gmb

  • MD5

    7198df86cf79eab4008e00b99775f151

  • SHA1

    dba78f524773dcc9ce9a58a05f31f48305694372

  • SHA256

    ee96180fc4ca29c3be3a32228a5ec8e8f078f4666b350fbe169eaf16e1295a6a

  • SHA512

    656c2a26ad14d0180a3c64389e9eb7374c80f7441d338af5703f2a382df3aaf7f30ae29725301d5ffd166791178948b5056b66bae8c4b8d0080da5e27a9e2a73

  • SSDEEP

    1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1Hw8X2:Olg35GTslA5t3/w8G

Malware Config

Targets

    • Target

      ee96180fc4ca29c3be3a32228a5ec8e8f078f4666b350fbe169eaf16e1295a6a

    • Windows security bypass

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Event Triggered Execution: Image File Execution Options Injection

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Indicator Removal: Clear Persistence

      remove IFEO.

    • Modifies WinLogon

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks