General
Target: c43e203dfc4284505a119df6a230cf04da79e40541fa0796367128f72c140996N
Size: 207KB
Sample: 241015-hm2t3a1ajf
MD5: 3200d276e79328dc4215b482566cc4d0
SHA1: 678d6bdd77ab682ab23a8e081040acd46253d28e
SHA256: c43e203dfc4284505a119df6a230cf04da79e40541fa0796367128f72c140996
SHA512: 8be0d02f8a2a3939760f30d547dce67256d23a6a94fc908ae989f88bc9e095e2314c59d41e14359732c064fc9ffb2f3e06e617c4817f3e2bc55d5289324c030e
SSDEEP: 3072:mY22D32pxiCbv7xo9sAUcf6yidUr/61Z1ILrZXTXkS2jbxWGqt:L2g4iCXxo9sAURDdK6L1ILljXkSbGq
Static task
static1

Behavioral task
behavioral1
Sample: c43e203dfc4284505a119df6a230cf04da79e40541fa0796367128f72c140996N.exe
Resource: win7-20240903-en

Behavioral task
behavioral2
Sample: c43e203dfc4284505a119df6a230cf04da79e40541fa0796367128f72c140996N.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: c43e203dfc4284505a119df6a230cf04da79e40541fa0796367128f72c140996N
Size: 207KB
Score: 10/10
- Modifies security service
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
- Executes dropped EXE
- Unexpected DNS network traffic destination
  Network traffic to servers other than the configured DNS servers was detected on the DNS port.
- Suspicious use of SetThreadContext
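The COM hijacking signature above describes the technique but not how to confirm it on a host. The following is an added example, not part of the Triage report or the sample's own code: it parses `reg export`-style text for HKLM and HKCU and flags per-user COM server registrations that shadow a machine-wide one or point into a user-writable directory. The registry exports and the CLSIDs `{11111111-2222-3333-4444-555555555555}` and `{AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE}` are constructed placeholders, not values taken from this sample.

```python
r"""Hunt for per-user COM hijacks in Windows registry exports.

COM resolves a CLSID by consulting HKCU\Software\Classes ahead of
HKLM\Software\Classes, so a per-user InprocServer32/LocalServer32 value
silently overrides the machine-wide server. This parses 'reg export'-style
text for both hives (decode the UTF-16 .reg file first) and flags CLSIDs
whose per-user server shadows a machine-wide one or sits in a
user-writable directory.
"""
import re
from typing import Dict, List, Optional, Tuple

# Directory fragments a non-admin user can write to (compared lower-case).
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\users\\public\\", "\\programdata\\")

SECTION_RE = re.compile(r"^\[(?P<path>[^\]]+)\]$")
DEFAULT_RE = re.compile(r'^@="(?P<val>.*)"$')
SERVER_KEY_RE = re.compile(
    r"^(?:HKEY_LOCAL_MACHINE|HKEY_CURRENT_USER)\\SOFTWARE\\Classes\\CLSID\\"
    r"(?P<clsid>\{[0-9A-F-]{36}\})\\(?P<server>InprocServer32|LocalServer32)$",
    re.IGNORECASE,
)

# Constructed sample exports with placeholder CLSIDs; not data from the
# analyzed sample. {11111111-...} is registered machine-wide and then
# shadowed per-user from AppData, which is the hijack pattern.
HKLM_EXPORT = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-2222-3333-4444-555555555555}]
@="Example Component"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-2222-3333-4444-555555555555}\InprocServer32]
@="C:\\Windows\\System32\\example.dll"
"ThreadingModel"="Both"
"""

HKCU_EXPORT = r"""Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Classes\CLSID\{11111111-2222-3333-4444-555555555555}\InprocServer32]
@="C:\\Users\\alice\\AppData\\Roaming\\Updater\\example.dll"
"ThreadingModel"="Apartment"

[HKEY_CURRENT_USER\Software\Classes\CLSID\{AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE}\LocalServer32]
@="C:\\Program Files\\Vendor\\helper.exe"
"""


def parse_com_servers(reg_text: str) -> Dict[Tuple[str, str], str]:
    """Return {(CLSID, server key): default value} for every COM server key in an export."""
    servers: Dict[Tuple[str, str], str] = {}
    current: Optional[Tuple[str, str]] = None
    for raw in reg_text.splitlines():
        line = raw.strip()
        sec = SECTION_RE.match(line)
        if sec:
            key = SERVER_KEY_RE.match(sec.group("path"))
            current = (key.group("clsid").upper(), key.group("server")) if key else None
            continue
        val = DEFAULT_RE.match(line) if current else None
        if val:
            # .reg files escape backslashes as '\\'; undo that for comparison.
            servers[current] = val.group("val").replace("\\\\", "\\")
    return servers


def find_com_hijacks(hklm_text: str, hkcu_text: str) -> List[dict]:
    """Flag per-user COM servers that shadow HKLM or live in user-writable paths."""
    machine = parse_com_servers(hklm_text)
    findings = []
    for key, path in sorted(parse_com_servers(hkcu_text).items()):
        reasons = []
        if key in machine and machine[key].lower() != path.lower():
            reasons.append(f"shadows machine-wide server {machine[key]}")
        if any(frag in path.lower() for frag in USER_WRITABLE):
            reasons.append("server binary in a user-writable directory")
        if reasons:
            findings.append({"clsid": key[0], "key": key[1], "server": path, "reasons": reasons})
    return findings


if __name__ == "__main__":
    for f in find_com_hijacks(HKLM_EXPORT, HKCU_EXPORT):
        print(f"{f['clsid']} {f['key']} -> {f['server']}: {'; '.join(f['reasons'])}")
```

On a live host the two inputs come from `reg export HKLM\SOFTWARE\Classes\CLSID` and `reg export HKCU\Software\Classes\CLSID` (decoded from UTF-16); a per-user entry that also exists under HKLM with a different path is the strongest indicator, since legitimate per-user registrations normally do not duplicate a machine-wide CLSID.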
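The "Unexpected DNS network traffic destination" signature reports port-53 traffic to servers other than the configured resolvers. The following is an added example, not part of the Triage report or the sample: it runs that same check over a Zeek-style conn.log and aggregates the offending flows per destination. The resolver addresses `10.0.0.2`/`10.0.0.3` and the log excerpt (documentation-range addresses) are constructed, not the real sandbox network capture.

```python
"""Flag DNS-port traffic to servers that are not the configured resolvers.

Malware often hard-codes its own resolver, or tunnels C2 over port 53, so
that lookups bypass the DNS servers the host was handed by DHCP. This
walks a Zeek-style conn.log (tab-separated, '#fields' header) and reports
every flow to UDP/TCP 53 whose responder is outside the allowed resolver
set, aggregated per destination.
"""
import ipaddress
from typing import Dict, List

DNS_PORTS = {53}

# Constructed: the resolvers the sandbox VM is assumed to be configured with.
CONFIGURED_RESOLVERS = ["10.0.0.2", "10.0.0.3"]

# Constructed conn.log excerpt using documentation-range addresses; not the
# real network capture from this sample.
SAMPLE_CONN_LOG = (
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto\n"
    "1728980000.10\tC1\t10.0.0.25\t51234\t10.0.0.2\t53\tudp\n"
    "1728980000.45\tC2\t10.0.0.25\t51235\t203.0.113.17\t53\tudp\n"
    "1728980001.02\tC3\t10.0.0.25\t51236\t203.0.113.17\t53\ttcp\n"
    "1728980001.50\tC4\t10.0.0.25\t51237\t198.51.100.53\t53\tudp\n"
    "1728980002.00\tC5\t10.0.0.25\t49876\t198.51.100.9\t443\ttcp\n"
)


def parse_conn_log(text: str) -> List[Dict[str, str]]:
    """Parse a Zeek-style tab-separated log into dicts keyed by the #fields names."""
    fields: List[str] = []
    records: List[Dict[str, str]] = []
    for line in text.splitlines():
        if line.startswith("#fields"):
            fields = line.split("\t")[1:]
        elif line and not line.startswith("#") and fields:
            records.append(dict(zip(fields, line.split("\t"))))
    return records


def unexpected_dns_flows(text: str, resolvers: List[str]) -> List[Dict[str, str]]:
    """Return records on a DNS port whose responder is not a configured resolver."""
    # Entries may be single hosts or CIDR ranges; strict=False accepts host bits.
    allowed = [ipaddress.ip_network(r, strict=False) for r in resolvers]
    hits = []
    for rec in parse_conn_log(text):
        if int(rec["id.resp_p"]) not in DNS_PORTS:
            continue
        dst = ipaddress.ip_address(rec["id.resp_h"])
        if any(dst in net for net in allowed):
            continue
        hits.append(rec)
    return hits


def summarize_by_destination(hits: List[Dict[str, str]]) -> Dict[str, Dict]:
    """Aggregate flagged flows per unexpected resolver: count, protocols, sources."""
    summary: Dict[str, Dict] = {}
    for rec in hits:
        entry = summary.setdefault(
            rec["id.resp_h"], {"flows": 0, "protos": set(), "sources": set()}
        )
        entry["flows"] += 1
        entry["protos"].add(rec["proto"])
        entry["sources"].add(rec["id.orig_h"])
    return summary


if __name__ == "__main__":
    flagged = unexpected_dns_flows(SAMPLE_CONN_LOG, CONFIGURED_RESOLVERS)
    for dst, info in summarize_by_destination(flagged).items():
        print(f"{dst}: {info['flows']} flow(s), proto={sorted(info['protos'])}, "
              f"from={sorted(info['sources'])}")
```

The check only sees traffic on the classic DNS port; resolvers reached over DNS-over-TLS (853) or DNS-over-HTTPS (443) are not caught unless those ports are added to `DNS_PORTS` and the allow list is widened accordingly, and TCP on port 53 to an unexpected host is worth a closer look on its own since it is a common tunnelling transport.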
MITRE ATT&CK Enterprise v15
Persistence
  Create or Modify System Process (T1543), 1 hit: Windows Service (T1543.003), 1 hit
  Event Triggered Execution (T1546), 1 hit: Component Object Model Hijacking (T1546.015), 1 hit
Privilege Escalation
  Create or Modify System Process (T1543), 1 hit: Windows Service (T1543.003), 1 hit
  Event Triggered Execution (T1546), 1 hit: Component Object Model Hijacking (T1546.015), 1 hit