Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
5bf49a2a344edb120b44ae6b0ad5891245e6a3c46189237b32c9f4b056fa5644N
-
Size
72KB
-
Sample
241001-xq3yvsyhmf
-
MD5
1e4d9acc849b60a5088b65d115df1420
-
SHA1
6a3eee5fba5f91d92e1c3a91a300706dfa16574c
-
SHA256
5bf49a2a344edb120b44ae6b0ad5891245e6a3c46189237b32c9f4b056fa5644
-
SHA512
4685a70343767dedc29d61d893304093c1e1093eaf55d8757c3decb7d93b3b94721d21c52f18fd50918d9efcdf53b639087608aece6967f133bfb0daab1de7e8
-
SSDEEP
1536:x5FNAlTnd+5rO0PxfXZVBZq5qYXMEIcSg:XTAlOO0Pxfznq5zXug
Malware Config
Targets
-
-
Target
5bf49a2a344edb120b44ae6b0ad5891245e6a3c46189237b32c9f4b056fa5644N
-
Size
72KB
-
MD5
1e4d9acc849b60a5088b65d115df1420
-
SHA1
6a3eee5fba5f91d92e1c3a91a300706dfa16574c
-
SHA256
5bf49a2a344edb120b44ae6b0ad5891245e6a3c46189237b32c9f4b056fa5644
-
SHA512
4685a70343767dedc29d61d893304093c1e1093eaf55d8757c3decb7d93b3b94721d21c52f18fd50918d9efcdf53b639087608aece6967f133bfb0daab1de7e8
-
SSDEEP
1536:x5FNAlTnd+5rO0PxfXZVBZq5qYXMEIcSg:XTAlOO0Pxfznq5zXug
Score10/10-
Windows security bypass
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Event Triggered Execution: Image File Execution Options Injection
-
Executes dropped EXE
-
Loads dropped DLL
-
Windows security modification
-
Indicator Removal: Clear Persistence
remove IFEO.
-
Modifies WinLogon
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Active Setup
1Winlogon Helper DLL
1Event Triggered Execution
1Image File Execution Options Injection
1Privilege Escalation
Boot or Logon Autostart Execution
2Active Setup
1Winlogon Helper DLL
1Event Triggered Execution
1Image File Execution Options Injection
1