Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
gdifuncs.exe
-
Size
5.5MB
-
Sample
240929-ygrpxaxemn
-
MD5
595dc45fb94484094c8a27639f9f5738
-
SHA1
87e683d77617e670ddadc8bd9d2578044a2cfe0b
-
SHA256
9c23ff455d1025036ee79d4db881f41910d7db4be5aa00464096cd10a21edd05
-
SHA512
fb3bc6501b386ba33c5078d3987f9f5bb597db3a326952e3b9de8a8a67b9dd5e0cd6e7d6b7a608eddcf0fc8b6bb1822ba333ae437e5591836548a0477d29326a
-
SSDEEP
98304:HQz+04D+i4DBz2NHlruSSDllNmd+5z/Le7q2//Le7q2:HQS04D+i4DZmLclKez/Lkq4/Lkq
Static task
static1
Behavioral task
behavioral1
Sample
gdifuncs.exe
Resource
win10v2004-20240910-en
Malware Config
Targets
-
-
Target
gdifuncs.exe
-
Size
5.5MB
-
MD5
595dc45fb94484094c8a27639f9f5738
-
SHA1
87e683d77617e670ddadc8bd9d2578044a2cfe0b
-
SHA256
9c23ff455d1025036ee79d4db881f41910d7db4be5aa00464096cd10a21edd05
-
SHA512
fb3bc6501b386ba33c5078d3987f9f5bb597db3a326952e3b9de8a8a67b9dd5e0cd6e7d6b7a608eddcf0fc8b6bb1822ba333ae437e5591836548a0477d29326a
-
SSDEEP
98304:HQz+04D+i4DBz2NHlruSSDllNmd+5z/Le7q2//Le7q2:HQS04D+i4DZmLclKez/Lkq4/Lkq
Score10/10-
Modifies WinLogon for persistence
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Boot or Logon Autostart Execution
1Winlogon Helper DLL
1