General
-
Target
31939ac5200472a417faf3b6c4504a40N.exe
-
Size
63KB
-
Sample
240817-125hlszdrd
-
MD5
31939ac5200472a417faf3b6c4504a40
-
SHA1
f467058b6cbde29bca7bf66d3e182abce2a0f5f6
-
SHA256
2918cbdd03bd34774fdf83732c1dd0f6e889d69d00de2afec7e2964d4744af53
-
SHA512
53d20da3fb6a39b6069631dd1d281e8621f9ff562f3e5a6d3c32495e48539d02da737b51dab87fb1f17df444d9d49739c1f7115b2e15211d494c2ce66c5b842e
-
SSDEEP
768:rAUJmQCcmLCXQq6fsKiJYsIkjJVzqsVG5kuGKQLddOW/34WvLTkXWV:sUNHFKQbIkHvGMdOo40Td
Behavioral task
behavioral1
Sample
31939ac5200472a417faf3b6c4504a40N.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
31939ac5200472a417faf3b6c4504a40N.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
31939ac5200472a417faf3b6c4504a40N.exe
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Drops file in Drivers directory
-
Event Triggered Execution: Image File Execution Options Injection
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies WinLogon
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (2)
Active Setup (1)
Winlogon Helper DLL (1)
Event Triggered Execution (1)
Image File Execution Options Injection (1)
Privilege Escalation
Boot or Logon Autostart Execution (2)
Active Setup (1)
Winlogon Helper DLL (1)
Event Triggered Execution (1)
Image File Execution Options Injection (1)