General

  • Target

    22e4f35818b256b89cd533718def4a707033dfa85814c5fbad5bf33f32280b82

  • Size

    156KB

  • Sample

    220511-rvg93aaad6

  • MD5

    2125f0d203d4ad5bfdb0ef158ada3995

  • SHA1

    ecfd879faf4f047541147617cb84a9638600212d

  • SHA256

    22e4f35818b256b89cd533718def4a707033dfa85814c5fbad5bf33f32280b82

  • SHA512

    ad301008fe4d5400f5b63beedbf654c0b61d06fa2d4083293925cba1d786712e094866c7c6dbffce4394c72dc5fbcd21025d04c33dde5668b0c1347cf6b9deb7

Malware Config

Targets

    • Generic Chinese Botnet

      A botnet originating from China which is currently unnamed publicly.

    • Chinese Botnet Payload

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks