General

  • Target

    a5cdc8c5ffddfc7d83f2cb92fbaac93bfd7e9cf919f7249ddeb8de93eef777c1

  • Size

    33KB

  • Sample

    240812-a4cmhaxbrn

  • MD5

    232be6ede67aa2a788169289d0de4de4

  • SHA1

    2dad49af3cee9589d3cc2ce4bda038560c7f589e

  • SHA256

    a5cdc8c5ffddfc7d83f2cb92fbaac93bfd7e9cf919f7249ddeb8de93eef777c1

  • SHA512

    7b42484ad1d627bf23d5b1e325e8510b6d7ed6bda9771f8f697697d8a382e66369383f70d13544a6cf728a6a74a8505287b24173d0f9807cb89fb3051403bc54

  • SSDEEP

    768:tQbuQRy2UjmUndnlTttxDn+3jiSkjRY6AB7kKfYoJ+ifBEewzKOb:QuQRylaUDTDxDXjy6AB7koYy2Tb

Malware Config

Targets

    • Windows security bypass

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Event Triggered Execution: Image File Execution Options Injection

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Windows security modification

    • Indicator Removal: Clear Persistence

      Removes IFEO (Image File Execution Options).

    • Modifies WinLogon

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15
