General

  • Target

    All Numby_s Impact Presets.sfpreset

  • Size

    9KB

  • Sample

    241020-xl26rswfmn

  • MD5

    433465b053defd1b5db81592e7839483

  • SHA1

    326692a73e5f5944d384f72ed141011d48bf1fc2

  • SHA256

    50b7daff30ae9ab477edcd35cee332b8a38d61aad5823bfa57cec31d8e226d24

  • SHA512

    d91f30b1863d4f421c4f933aa065d6292ae2bf3f974de0bf2f3c16090071d02e5f1a06f9b590c8f98d6e39a7b5fe2f2d6c5cced5dd32757d30db9a7856c35183

  • SSDEEP

    96:3Pl6nOTOFBDInqb3W1O5OEtnqb3WTO6Owkjfnqb3WAOJO8iGO4OCkQfnqb3W+OAg:3PyJ8gKiIiApi4h7f

Targets

    • Target

      All Numby_s Impact Presets.sfpreset

    • Modifies WinLogon for persistence

    • UAC bypass

    • Disables RegEdit via registry modification

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Sets desktop wallpaper using registry
