General

  • Target

    0e37b4d9305fd9fd1cae80102ed94314b87ac644bf2b133c5965a4d3f081579a

  • Size

    16KB

  • Sample

    220604-ycybwshagq

  • MD5

    8b23aa9f667277aa0c81ab9a9d325c4a

  • SHA1

    b21ff7786eab0839ad884f86460733f2e8e7aa8d

  • SHA256

    0e37b4d9305fd9fd1cae80102ed94314b87ac644bf2b133c5965a4d3f081579a

  • SHA512

    2d349a6ed1111a6936aa48c29c581c7dc47e95ca7974bd64db184eb50c925aed1f3047e0247cc966179dee0d2981486bdef84dc4dadd59ec0d2a362d59ff21a2

Targets

    • LoaderBot

      LoaderBot is a loader written in .NET downloading and executing miners.

    • suricata: ET MALWARE CerberTear Ransomware CnC Checkin

    • LoaderBot executable

    • Drops startup file

    • Adds Run key to start application
