General

  • Target

    83e0de8e9ffc573ee2045268d81f33c085dbe9804ef273611ad5216c14136942

  • Size

    67KB

  • Sample

    240929-3gspeszdme

  • MD5

    03597db200d5c9dce67da7e02e2a4ade

  • SHA1

    6aef6da057cf5e17f7900f32106cf4ec0023f58c

  • SHA256

    83e0de8e9ffc573ee2045268d81f33c085dbe9804ef273611ad5216c14136942

  • SHA512

    f21305a160018b408e44ceb9e122d638b219a830dc23f07cf46afcc1d4d055fe18de85af85ff8b7661332e7965852f645e7daf18a95b2c83a0178d55abb42dc3

  • SSDEEP

    1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1GwKC:ulg35GTslA5t3uwKC

Targets

    • Target

      83e0de8e9ffc573ee2045268d81f33c085dbe9804ef273611ad5216c14136942

    • Windows security bypass

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Event Triggered Execution: Image File Execution Options Injection

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Indicator Removal: Clear Persistence

      Removes IFEO.

    • Modifies WinLogon

    • Drops file in System32 directory
