General

  • Target

    7e8e8167fa8f5f32e6873d0b77ac6abc2fe54b7cd0dcf9039a20bb18dd1c7244N

  • Size

    51KB

  • Sample

    241003-p6lera1glc

  • MD5

    4bcc6c2cf6edbe0c1f669d8464588040

  • SHA1

    6b68d6a32c613b75fec7e0d9a649caedbe5d3903

  • SHA256

    7e8e8167fa8f5f32e6873d0b77ac6abc2fe54b7cd0dcf9039a20bb18dd1c7244

  • SHA512

    e0b5a47c46bec24a091e0d685840b7a8cc9a30817805cfe7f98d4ce2a33f4cd26c023a3a14fcd435963779705634e4e0e615f3f5f54fd53f79bb05514ebfae85

  • SSDEEP

    768:nNAGAkIo/juokwoL7627d9rIiClJAxiFkJT22euOiya6lHOYxY0x0KS3W:nNJb/HkwoLe29UjQ4wqQOLIMVnS3W

Malware Config

Targets

    • Target

      7e8e8167fa8f5f32e6873d0b77ac6abc2fe54b7cd0dcf9039a20bb18dd1c7244N


    • Modifies WinLogon for persistence

    • Modifies visibility of hidden/system files in Explorer

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15
