Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
95f074c0032b153e2cfff58cf8d4f5e4d1894df272692fb3cd65527cc84033ffN
-
Size
91KB
-
Sample
240927-mnp9wa1cmb
-
MD5
26c2701dd9f51b47452eef3c5c9b3b60
-
SHA1
a925fa09e6f938f7ddd90227253b4765cc6d4dd6
-
SHA256
95f074c0032b153e2cfff58cf8d4f5e4d1894df272692fb3cd65527cc84033ff
-
SHA512
6c7364f682cf762a8e792447d93586d98df9d4200cb2e5c46b66f0f55ec57f419a33f9454e643fd5902d8d4be862ff97009d401388a6a5f25d74fbfd9fab89a6
-
SSDEEP
1536:8AwEmBj3EXHn4x+9aa3AwEmBj3EXHn4x+9aR:8GmF3onW+Ma3GmF3onW+MR
Malware Config
Targets
-
-
Target
95f074c0032b153e2cfff58cf8d4f5e4d1894df272692fb3cd65527cc84033ffN
-
Size
91KB
-
MD5
26c2701dd9f51b47452eef3c5c9b3b60
-
SHA1
a925fa09e6f938f7ddd90227253b4765cc6d4dd6
-
SHA256
95f074c0032b153e2cfff58cf8d4f5e4d1894df272692fb3cd65527cc84033ff
-
SHA512
6c7364f682cf762a8e792447d93586d98df9d4200cb2e5c46b66f0f55ec57f419a33f9454e643fd5902d8d4be862ff97009d401388a6a5f25d74fbfd9fab89a6
-
SSDEEP
1536:8AwEmBj3EXHn4x+9aa3AwEmBj3EXHn4x+9aR:8GmF3onW+Ma3GmF3onW+MR
Score10/10-
Modifies WinLogon for persistence
-
Modifies visibility of file extensions in Explorer
-
Modifies visiblity of hidden/system files in Explorer
-
Disables RegEdit via registry modification
-
Disables use of System Restore points
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
1Winlogon Helper DLL
1Event Triggered Execution
1Change Default File Association
1Privilege Escalation
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
1Winlogon Helper DLL
1Event Triggered Execution
1Change Default File Association
1Defense Evasion
Hide Artifacts
2Hidden Files and Directories
2Modify Registry
6