General
Target: 829218b71ff5d0d3ebaf12fff9d22f10N.exe
Size: 68KB
Sample: 240727-c4j3pavdkb
MD5: 829218b71ff5d0d3ebaf12fff9d22f10
SHA1: 849ebec8d74753de0b1503a3ad26b131d4b90217
SHA256: 596589d198fd9c9a0652aee91e8567ed7084303cf9ba2d5e22a6704a31402d2f
SHA512: e7774363ea2f9f9db48bb1cb733b9e846bee686ff5442a5c43b57a9846d708db1be615e2775974f09244c41b8bf7c90b91b9f517c8f6db858f23583dd5594bc2
SSDEEP: 1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1HwQYG:ulg35GTslA5t3/w0
Static task: static1
Behavioral task: behavioral1
  Sample: 829218b71ff5d0d3ebaf12fff9d22f10N.exe
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: 829218b71ff5d0d3ebaf12fff9d22f10N.exe
  Resource: win10v2004-20240709-en
Malware Config
Targets
Target: 829218b71ff5d0d3ebaf12fff9d22f10N.exe
Score: 10/10
Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
Event Triggered Execution: Image File Execution Options Injection
Executes dropped EXE
Loads dropped DLL
Modifies WinLogon
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (2)
    Active Setup (1)
    Winlogon Helper DLL (1)
  Event Triggered Execution (1)
    Image File Execution Options Injection (1)
Privilege Escalation
  Boot or Logon Autostart Execution (2)
    Active Setup (1)
    Winlogon Helper DLL (1)
  Event Triggered Execution (1)
    Image File Execution Options Injection (1)