Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
061c9deaa42a21dbfbe9bdd700abd8c0N.exe
-
Size
22KB
-
Sample
240816-2c6j2svbln
-
MD5
061c9deaa42a21dbfbe9bdd700abd8c0
-
SHA1
65af39a56972bd7135943a05a113752952ede9df
-
SHA256
b79024ccce9cef4a315437343d545e70002c25246f473e5a3d79ef1065b6fcb8
-
SHA512
215f4b86026ddb0cd03b5f0ec0db91a00f2325e4cffc9559096df7059ad08de9e04bde671ac7e51241b8cf10fcad91bd699aad59af1a745d100a4ff526710578
-
SSDEEP
384:jIz43Tu7MSbQUyO44MGvJSsZ/MPNapPw+nI4NTDVHg+pDJQ4r:jIUS7MwyiEPNa1w+bdVHg+py4r
Static task
static1
Behavioral task
behavioral1
Sample
061c9deaa42a21dbfbe9bdd700abd8c0N.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
061c9deaa42a21dbfbe9bdd700abd8c0N.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
061c9deaa42a21dbfbe9bdd700abd8c0N.exe
-
Size
22KB
-
MD5
061c9deaa42a21dbfbe9bdd700abd8c0
-
SHA1
65af39a56972bd7135943a05a113752952ede9df
-
SHA256
b79024ccce9cef4a315437343d545e70002c25246f473e5a3d79ef1065b6fcb8
-
SHA512
215f4b86026ddb0cd03b5f0ec0db91a00f2325e4cffc9559096df7059ad08de9e04bde671ac7e51241b8cf10fcad91bd699aad59af1a745d100a4ff526710578
-
SSDEEP
384:jIz43Tu7MSbQUyO44MGvJSsZ/MPNapPw+nI4NTDVHg+pDJQ4r:jIUS7MwyiEPNa1w+bdVHg+py4r
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Drops file in Drivers directory
-
Event Triggered Execution: Image File Execution Options Injection
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies WinLogon
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Active Setup
1Winlogon Helper DLL
1Event Triggered Execution
1Image File Execution Options Injection
1Privilege Escalation
Boot or Logon Autostart Execution
2Active Setup
1Winlogon Helper DLL
1Event Triggered Execution
1Image File Execution Options Injection
1