General

  • Target

    test.exe

  • Size

    452KB

  • Sample

    240901-l42geaybke

  • MD5

    8068ba47c4eea9a7bd9e34d69d3c7f75

  • SHA1

    90ee80f3eee31fb16caf3f63297fc24f3b973500

  • SHA256

    c56b5f0c9ded71748cc5d138f56344df0b0d63a03cb66eaae46fbfc468f5d0e0

  • SHA512

    f9c6319a7349e10012b05d1159e79aba6b4b0bf6e3fb147b7868aa796246772231508b3303b5585c871974c65d6f25f3af35273667969ff96536bae9a6efee99

  • SSDEEP

    6144:hrltRqw34+KZOsrixjpY2v3IQ0xK/uWnVKZW0Kndu4iomCOX7Pkjt5I7wz:ntYwXK3ixjKI3II/FVKBuFmX7PyrI7C

Score
8/10

Targets

    • Target

      test.exe

    • Drops file in Drivers directory

    • Manipulates Digital Signatures

      Attackers can apply techniques such as modifying certain DLL exports to make their binary seem valid.

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • Drops file in System32 directory

    • Modifies termsrv.dll

      Commonly used to allow simultaneous RDP sessions.
