General
Target: sample
Size: 19KB
Sample: 240827-vt2h4atblq
MD5: 99f18c2c7967e2391a6d7bbcd570b13f
SHA1: 4a7dde254c1695eca69d233476c3e63363fd35df
SHA256: d3327b6feef1d58b9d0f9280e4461027813f0f1be93fd6ea68ac24b181fce2a8
SHA512: a651c61b5d6f304483c68b7a3b45cd052bcd1fc70f7b6baf163cf6ecaf92737ba0a292988cfda76fd4c4e0615ef6304d8d2202043fefbd342585e739c980ca62
SSDEEP: 384:4fspa1ocy4t4lbGaK7vhpNZGzzVyn2MFV1EY04Tolufm1xCejiw:e1ocy4eEaIJpNEzpyFTEY04TolsYxPiw
Static task: static1
Behavioral task: behavioral1
  Sample: sample.html
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: sample.html
  Resource: win10v2004-20240802-en
Malware Config
Targets
Target: sample
Score: 8/10
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (2)
    Active Setup (1)
    Registry Run Keys / Startup Folder (1)
Privilege Escalation
  Boot or Logon Autostart Execution (2)
    Active Setup (1)
    Registry Run Keys / Startup Folder (1)