General
-
Target
40a173916595b80b79f229279c8a6263db9340413d6972d8faff971a0da39b6e.exe
-
Size
128KB
-
Sample
241123-kp829ssjew
-
MD5
ea56e92f7326d412ba03f3dfac9298c3
-
SHA1
cb79d7ca1a6c537c65f139c6bd0ccff8f0f75704
-
SHA256
40a173916595b80b79f229279c8a6263db9340413d6972d8faff971a0da39b6e
-
SHA512
b03ea4698674a941fd768d383e348f5b1f7bda76087da115edb50da46f2dbd0931abdd579ae8cb02a2089b458a4f0b9148927124cd2c7c08db96029c78ef6bc7
-
SSDEEP
3072:66mdSGLC/SU9e9rjmZvNbZwkmxDDe9rj/:66FKuSU9eVOpZdqDDeV/
Behavioral task
behavioral1
Sample
40a173916595b80b79f229279c8a6263db9340413d6972d8faff971a0da39b6e.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
40a173916595b80b79f229279c8a6263db9340413d6972d8faff971a0da39b6e.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
40a173916595b80b79f229279c8a6263db9340413d6972d8faff971a0da39b6e.exe
-
Credentials from Password Stores: Windows Credential Manager
Suspicious access to Credentials History.
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)