General

  • Target

    5db5387e4c24ae87ea0fd4a905d8eecde1a898f6aadd4cdb6b52cbb756088627

  • Size

    206KB

  • Sample

    240816-3elhbstenh

  • MD5

    a305277341951bd694f90b7663fcc150

  • SHA1

    fdda95f6b8ac829d49b25042ea884ed527388af4

  • SHA256

    5db5387e4c24ae87ea0fd4a905d8eecde1a898f6aadd4cdb6b52cbb756088627

  • SHA512

    379131604af217f4ca58dc763c0a501ffa68bfcd8d9465734a73d28a1f5ac086d71cc57000594107f56c5969dbdc108875ba51c7ebf56b6f581fe021f43fc61b

  • SSDEEP

    3072:zvEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6unN:zvEN2U+T6i5LirrllHy4HUcMQY6A

Malware Config

Targets

    • Target

      5db5387e4c24ae87ea0fd4a905d8eecde1a898f6aadd4cdb6b52cbb756088627

    • Modifies WinLogon for persistence

    • Modifies visibility of hidden/system files in Explorer

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks