General

  • Target

    login

  • Size

    27KB

  • Sample

    240817-pz1wvswdpd

  • MD5

    2f4746bd004089f788433af50df3c3a1

  • SHA1

    dd3e4ada09bcadd368e9f00c8f0c0fb23c403578

  • SHA256

    8a8c823816664ff45d7046725a978ff246adb8bb04ff7ec06151380d51efac8a

  • SHA512

    f7f9f5cd15ca61a0b0b5ec559a5203c5e807078a054a84179dcb15f77c95e1179dd5808ee786399c71dfebacc14a8be51260b4434270115988d7650bb8b12141

  • SSDEEP

    384:ooi99m5v477sGGzK+TpQn7M9cyqy/f2f/Yb6WiZEMuulffGfMfDsVz3syZj5XCqi:T/+scm2f/Yb6HZuul3UWDsV7syZ9c

Malware Config

Targets

    • Target

      login

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops desktop.ini file(s)

    • Checks system information in the registry

      System information is often read in order to detect sandboxing environments.

MITRE ATT&CK Enterprise v15

Tasks
