General

  • Target

    bef7cb55b42d2eefbc137b0e1cc8cf70N.exe

  • Size

    211KB

  • Sample

    240907-mfbrhsygll

  • MD5

    bef7cb55b42d2eefbc137b0e1cc8cf70

  • SHA1

    298e292afb2ccc5103e846bb05bd1bbcc75d78bb

  • SHA256

    62bcfc7301c5e4fa40e052c20696efcf7adbdafc685e4141747ca6971f7dfb90

  • SHA512

    7d766f90e7f36f256268965dca4edbb4d7f3fd04e029fd1f2e57d0f0fee0f26a9e7e497d0946951a1c115cb74425ae55afda887a1ae7a26d29221b5608765bb8

  • SSDEEP

    3072:bDpM9Nvih5c9DE1pvAPXIHLfMgw7ySBL8PEAjAfIbAYGPJz6sPJBINFZ1FqnF:b1iNKQxENHLfMgw7y9ZrK

Malware Config

Targets

    • Modifies WinLogon for persistence

    • Modifies visibility of hidden/system files in Explorer

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Executes dropped EXE

    • Adds Run key to start application

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks