General

  • Target

    57b3cde2ac0cbbb46cbd817e73fd4e90N.exe

  • Size

    44KB

  • Sample

    240726-z7hqcsvhmn

  • MD5

    57b3cde2ac0cbbb46cbd817e73fd4e90

  • SHA1

    a252f2937677bbd814b73e26d65569eb96196b28

  • SHA256

    3f1aacda1663423461db16abd2c7f9f052e74d4bde8727279126a337e1fbe8fe

  • SHA512

    cc82fca5abb16f71a9a33b24dd260d6461cf3b55b892a3f288e9369c91550ca84648020df2115cefd70f1da6958e06b65c4a5083bd5c44e0bbb90e111db6f633

  • SSDEEP

    768:WAUJmQCcmLCXQq6fsKiJYsIkjJVzqsVG5kuGVAQv2ZzeOfh:RUNHFKQbIkHvGkASOfh

Malware Config

Targets

    • Target

      57b3cde2ac0cbbb46cbd817e73fd4e90N.exe

    • Windows security bypass

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Drops file in Drivers directory

    • Event Triggered Execution: Image File Execution Options Injection

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Indicator Removal: Clear Persistence

      Removes IFEO.

    • Modifies WinLogon

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15