General

  • Target

    sa-mp-002.png

  • Size

    2.4MB

  • Sample

    240919-x9klmawfmh

  • MD5

    49baf03eca8dd62f49eff7255e66573f

  • SHA1

    6766ed83ff5907138ea35235dc119155ed54d6b7

  • SHA256

    b20bf08da397830ce1a586f0974c59df3dda4ca1847d265a776ab2f2b4bb159b

  • SHA512

    72c9caf8b02c40411cf22505ddf9c60851d710e30b42cd102f9e1ac66d03f0d3e42f682f2edaa74d034e291bc84e6516f6ce7b3cc2c9482928c76a293160dc06

  • SSDEEP

    49152:tFwgmMft/VQjOOm17Uir8BF2YvcaC0aLc7s8IFoA5+llp9en8K+iD6p0VW:ARMft/B17Pr8aY7s4vG6KW

Malware Config

Targets

    Score
    8/10
    • Path Permission

      Adversaries may modify directory permissions/attributes to evade access control lists (ACLs) and access protected files.

    • Gatekeeper Bypass

      Adversaries may modify file attributes and subvert Gatekeeper functionality to evade user prompts and execute untrusted programs. Gatekeeper is a set of technologies that act as a layer of Apple's security model to ensure only trusted applications are executed on a host.

    • File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity. Malware, tools, or other non-native files dropped or created on a system by an adversary (ex: Ingress Tool Transfer) may leave traces that indicate what was done within a network and how. Removal of these files can occur.

MITRE ATT&CK Enterprise v15

Tasks