General

  • Target

    916df5e9c463468ed689c6ed96c7c0f0N.exe

  • Size

    71KB

  • Sample

    240814-n5p6wa1bqf

  • MD5

    916df5e9c463468ed689c6ed96c7c0f0

  • SHA1

    971a0aad4d6393196d4534e879fa60e6b46e847c

  • SHA256

    20da107131fe29bfe7f610ff65d463c5f09c1f868982892f21b1bf800cf843b0

  • SHA512

    6b2757760a4aa5fe3adeb6aa8b94e3c737bbd7a1526860c998c3dd477a2917c4a80934202963dcf444562b708039a658985d8cb22a8a19977cc78e4a27cdbb13

  • SSDEEP

    768:EXKeT2Si83nLt8tkGX8uxOHgRrW5YLKG9Y/HrSNm0kmG7xMsVAnc3yy85SBiLFMb:EFrmh0HgB3LKrL9AcnQFMc9zwR6i+BW

Targets

    • Target

      916df5e9c463468ed689c6ed96c7c0f0N.exe

    • Size

      71KB

    • Modifies WinLogon for persistence

    • Modifies visibility of hidden/system files in Explorer

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application
