Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
916df5e9c463468ed689c6ed96c7c0f0N.exe
-
Size
71KB
-
Sample
240814-n5p6wa1bqf
-
MD5
916df5e9c463468ed689c6ed96c7c0f0
-
SHA1
971a0aad4d6393196d4534e879fa60e6b46e847c
-
SHA256
20da107131fe29bfe7f610ff65d463c5f09c1f868982892f21b1bf800cf843b0
-
SHA512
6b2757760a4aa5fe3adeb6aa8b94e3c737bbd7a1526860c998c3dd477a2917c4a80934202963dcf444562b708039a658985d8cb22a8a19977cc78e4a27cdbb13
-
SSDEEP
768:EXKeT2Si83nLt8tkGX8uxOHgRrW5YLKG9Y/HrSNm0kmG7xMsVAnc3yy85SBiLFMb:EFrmh0HgB3LKrL9AcnQFMc9zwR6i+BW
Behavioral task
behavioral1
Sample
916df5e9c463468ed689c6ed96c7c0f0N.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
916df5e9c463468ed689c6ed96c7c0f0N.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
916df5e9c463468ed689c6ed96c7c0f0N.exe
-
Size
71KB
-
MD5
916df5e9c463468ed689c6ed96c7c0f0
-
SHA1
971a0aad4d6393196d4534e879fa60e6b46e847c
-
SHA256
20da107131fe29bfe7f610ff65d463c5f09c1f868982892f21b1bf800cf843b0
-
SHA512
6b2757760a4aa5fe3adeb6aa8b94e3c737bbd7a1526860c998c3dd477a2917c4a80934202963dcf444562b708039a658985d8cb22a8a19977cc78e4a27cdbb13
-
SSDEEP
768:EXKeT2Si83nLt8tkGX8uxOHgRrW5YLKG9Y/HrSNm0kmG7xMsVAnc3yy85SBiLFMb:EFrmh0HgB3LKrL9AcnQFMc9zwR6i+BW
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Active Setup
1Registry Run Keys / Startup Folder
1Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Active Setup
1Registry Run Keys / Startup Folder
1Winlogon Helper DLL
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
4