General

  • Target

    829218b71ff5d0d3ebaf12fff9d22f10N.exe

  • Size

    68KB

  • Sample

    240727-c4j3pavdkb

  • MD5

    829218b71ff5d0d3ebaf12fff9d22f10

  • SHA1

    849ebec8d74753de0b1503a3ad26b131d4b90217

  • SHA256

    596589d198fd9c9a0652aee91e8567ed7084303cf9ba2d5e22a6704a31402d2f

  • SHA512

    e7774363ea2f9f9db48bb1cb733b9e846bee686ff5442a5c43b57a9846d708db1be615e2775974f09244c41b8bf7c90b91b9f517c8f6db858f23583dd5594bc2

  • SSDEEP

    1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1HwQYG:ulg35GTslA5t3/w0

Malware Config

Targets

    • Windows security bypass

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Event Triggered Execution: Image File Execution Options Injection

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Indicator Removal: Clear Persistence

      Removes IFEO.

    • Modifies WinLogon

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks