General

  • Target

    0603c201faa179294a7104b3c7f0f86d823f766fdff70ec61073e480309dd0df

  • Size

    613KB

  • Sample

    220212-p95b2aedan

  • MD5

    d47f881aab0e1d00a775f38df7cd8835

  • SHA1

    16aa64f660ab69866f52c3348a086a88a7c2a078

  • SHA256

    0603c201faa179294a7104b3c7f0f86d823f766fdff70ec61073e480309dd0df

  • SHA512

    57c8db79534763d4c6b7fa9d3e9208d87966ff861aed975d744d56eb46e4adf0f42096f95754621f76a80e8e242b51d22fff89c6d3e740aad30e863e544e3f5f

Targets

    • Generic Chinese Botnet

      A botnet originating from China which is currently unnamed publicly.

    • Chinese Botnet Payload

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
