General

  • Target

    e1a1965f7aa0252f250125fa83740406d96ffa6e4825e20106b996678cc1263dN

  • Size

    582KB

  • Sample

    241003-feznmaygle

  • MD5

    6fc610a744521995dfcd5817591865b0

  • SHA1

    731f90c3839a0badc652f8c230622d7b1e3aa8d4

  • SHA256

    e1a1965f7aa0252f250125fa83740406d96ffa6e4825e20106b996678cc1263d

  • SHA512

    94044da6af713ae4b5d054b1c58476c4bd7d33e3a4e79e0d499088e0efd3789f034575d30f2ae4a33c9e55689069f782828e0a6a4d751f45fccae38352168936

  • SSDEEP

    12288:PFUNDanzcn7EanlQiWtYhmJFSwUBLcQZfgiU:PFOazcn7NlwPUA

Targets

    • Target

      e1a1965f7aa0252f250125fa83740406d96ffa6e4825e20106b996678cc1263dN

    • Size

      582KB

    • Modifies security service

    • Modifies visibility of hidden/system files in Explorer

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
