General

  • Target

    a7fcbe6261616e23f66c510443213e64c5ae650f6afa94cd90e8dfcfea31aa7c

  • Size

    211KB

  • Sample

    240817-d3grlsyajq

  • MD5

    e5dc0d2edb9217f61b178e4fb33c1e56

  • SHA1

    b2c26b273efa8eef307e73b3ded8e28e1b4f388e

  • SHA256

    a7fcbe6261616e23f66c510443213e64c5ae650f6afa94cd90e8dfcfea31aa7c

  • SHA512

    9f82a43d302cf35cfd1392bc8f3acdbae7b12d4506ecac1158324c77e5bdc334e1b151b8e3749990fa3f93aa8d4451066a21a552ac11e1ae6d6cffc91767faaf

  • SSDEEP

    3072:bDpM9Nvih5c9DE1pvAPXIHLfMgw7ySBL8PEAjAfIbAYGPJz6sPJBINFZ1FqnC:b1iNKQxENHLfMgw7y9Zr/

Targets

    • Target

      a7fcbe6261616e23f66c510443213e64c5ae650f6afa94cd90e8dfcfea31aa7c

    • Modifies WinLogon for persistence

    • Modifies visibility of hidden/system files in Explorer

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Executes dropped EXE

    • Adds Run key to start application

    • Drops file in System32 directory
