General

  • Target

    nitro-lifetime-method.txt

  • Size

    1KB

  • Sample

    240921-2q95dsycmb

  • MD5

    0d7229d6ddfb223cd4c5ef9ac4a88cdb

  • SHA1

    24702f249ddc03f1362de41f8aa1d59c949f77e9

  • SHA256

    b7d148da962c5abb761e5b79e9d2823997b0dfdebf8e410a3e8dfc0d39e21581

  • SHA512

    253a0eb97ecd4879b2beb5e3c839efd0a837661bbdf911f085fabc91700853d93d36a4595560edcd75dbf188c7102726ae4334622c370af94f7ba763c2357448

Targets

    • Target

      nitro-lifetime-method.txt

    • Modifies WinLogon for persistence

    • UAC bypass

    • Executes dropped EXE

    • Adds Run key to start application

    • Legitimate hosting services abused for malware hosting/C2
