General

  • Target

    nolami2.exe

  • Size

    106KB

  • Sample

    240907-sj6zqazcnn

  • MD5

    deb24aaea6aef5b629b92691c330e130

  • SHA1

    ddf1d6aa03cb23b7925dfcd1cc5b70ee5de77184

  • SHA256

    c9a5289c40bc7ccabea36ae1bf56923be5cb6f32858e6d5afc3b561b35a12068

  • SHA512

    34a0819cb183da07828a9c78541ace24606b31721446f47ab821b6f1b296e45b455166de9d30a2a2b358729968554d032fb1b2a39a15ff42b845dc11631de172

  • SSDEEP

    1536:L7fPGykbOqjoHm4pICdfkLtAfupcWX50MxFY+yIOlnToIfAx3T8iVf8tv7roai:Hq6+ouCpk2mpcWJ0r+QNTBfA1Tt3

Targets

    • Target

      nolami2.exe

    • Size

      106KB

    • Detected google phishing page

    • Modifies Windows Defender Real-time Protection settings

    • Modifies Windows Defender notification settings

    • Modifies security service

    • Modifies Security services

      Modifies the startup behavior of a security service.

    • Modifies boot configuration data using bcdedit
