General

  • Target

    5bf49a2a344edb120b44ae6b0ad5891245e6a3c46189237b32c9f4b056fa5644N

  • Size

    72KB

  • Sample

    241001-xq3yvsyhmf

  • MD5

    1e4d9acc849b60a5088b65d115df1420

  • SHA1

    6a3eee5fba5f91d92e1c3a91a300706dfa16574c

  • SHA256

    5bf49a2a344edb120b44ae6b0ad5891245e6a3c46189237b32c9f4b056fa5644

  • SHA512

    4685a70343767dedc29d61d893304093c1e1093eaf55d8757c3decb7d93b3b94721d21c52f18fd50918d9efcdf53b639087608aece6967f133bfb0daab1de7e8

  • SSDEEP

    1536:x5FNAlTnd+5rO0PxfXZVBZq5qYXMEIcSg:XTAlOO0Pxfznq5zXug

Targets

    • Target

      5bf49a2a344edb120b44ae6b0ad5891245e6a3c46189237b32c9f4b056fa5644N

    • Windows security bypass

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Event Triggered Execution: Image File Execution Options Injection

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Indicator Removal: Clear Persistence

      Removes IFEO.

    • Modifies WinLogon

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15
