
General

  • Target

    .html

  • Size

    41B

  • Sample

    240727-m5rh9syfqh

  • MD5

    dfc9124b814702555e7b6cefbfdf5dcb

  • SHA1

    962ecec80e03f494a00a2099eb56001dd6a2d38e

  • SHA256

    578f2782a10a7d66c936ba4c02f70af39c1bb65188fe4d9f0eb6311c7598a7b0

  • SHA512

    ab2a7b43d3c4bb1bb542ca8e1cfaeec0bc3ed037d8c9a3a51ccc4489f12e9117f4abdf17acf0654a65881d6097d7ec3b968b69f7fa497959f5efae59f85fe997

Malware Config

Targets

    • Target

      .html

    • Size

      41B

    • MD5

      dfc9124b814702555e7b6cefbfdf5dcb

    • SHA1

      962ecec80e03f494a00a2099eb56001dd6a2d38e

    • SHA256

      578f2782a10a7d66c936ba4c02f70af39c1bb65188fe4d9f0eb6311c7598a7b0

    • SHA512

      ab2a7b43d3c4bb1bb542ca8e1cfaeec0bc3ed037d8c9a3a51ccc4489f12e9117f4abdf17acf0654a65881d6097d7ec3b968b69f7fa497959f5efae59f85fe997

    Score
    8/10
    • Path Permission

      Adversaries may modify directory permissions/attributes to evade access control lists (ACLs) and access protected files.

    • Gatekeeper Bypass

      Adversaries may modify file attributes and subvert Gatekeeper functionality to evade user prompts and execute untrusted programs. Gatekeeper is a set of technologies that act as a layer of Apple's security model to ensure only trusted applications are executed on a host.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity. Malware, tools, or other non-native files dropped or created on a system by an adversary (ex: Ingress Tool Transfer) may leave traces that indicate what was done within a network and how. Removal of these files can occur.

MITRE ATT&CK Enterprise v15

Tasks