General

  • Target

    d1322936eef9707b3aae7c71f2e5a81b0190710ba5ac4b7c3a845f2a7f4fafdc

  • Size

    255KB

  • Sample

    241014-en91aayamh

  • MD5

    d298e59c984f1814754b040cedc857a0

  • SHA1

    c6b5bf48d5ef8152e838927957ba215b0c5f223d

  • SHA256

    d1322936eef9707b3aae7c71f2e5a81b0190710ba5ac4b7c3a845f2a7f4fafdc

  • SHA512

    2dae71bc19d2a9f1c15639f9e96b3bcae6e832b08777591413622d1059e28225e13cfef07b28df6f9a4bdc8d45c81ef43fcf357248a6ee6073be896d72f13a0e

  • SSDEEP

    6144:zvEN2U+T6i5LirrllHy4HUcMQY6A7290/5:zENN+T5xYrllrU7QY6WB

Targets

    • Modifies WinLogon for persistence

    • Modifies visibility of hidden/system files in Explorer

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
