General
Target: e07cf71aa11eaba37ecaf5b7caf6b4b0N.exe
Size: 44KB
Sample: 240825-b3zw3stalj
MD5: e07cf71aa11eaba37ecaf5b7caf6b4b0
SHA1: 1b987d0916443ee56da185987dc483f2d26fd88d
SHA256: f49585c2301e57fd829eb0ba4f7ad95cccf8ea73f503810f18036de9e3fbe8c4
SHA512: d42555afdfd09de8c7f5e0aaf7061adce9f676014d7785932af999a3dbfde69aa26dd348c7c1769b3c6ca4f9d9919fe1d85e62f880359bcdce5d5afcd178de55
SSDEEP: 768:WAUJmQCcmLCXQq6fsKiJYsIkjJVzqsVG5kuGVAQvRWrETR5:RUNHFKQbIkHvGkAzWR5
Static task: static1
Behavioral task: behavioral1
  Sample: e07cf71aa11eaba37ecaf5b7caf6b4b0N.exe
  Resource: win7-20240705-en
Behavioral task: behavioral2
  Sample: e07cf71aa11eaba37ecaf5b7caf6b4b0N.exe
  Resource: win10v2004-20240802-en
Malware Config
Targets
Target: e07cf71aa11eaba37ecaf5b7caf6b4b0N.exe
Score: 10/10
Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
Drops file in Drivers directory
Event Triggered Execution: Image File Execution Options Injection
Executes dropped EXE
Loads dropped DLL
Modifies WinLogon
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (2)
    Active Setup (1)
    Winlogon Helper DLL (1)
  Event Triggered Execution (1)
    Image File Execution Options Injection (1)
Privilege Escalation
  Boot or Logon Autostart Execution (2)
    Active Setup (1)
    Winlogon Helper DLL (1)
  Event Triggered Execution (1)
    Image File Execution Options Injection (1)