General

  • Target

    Goby_Red_Team_2.0.5_crack_by_hlop.7z

  • Size

    118.3MB

  • Sample

    220921-ef69esaebq

  • MD5

    5aaf46451cdc6bca8db526bf76484026

  • SHA1

    592bdfdf9f49e9fc2d2267aac08b80937d40f510

  • SHA256

    0f20af4a90fb5070fc602682a6117dd787d7d5a96a2645528b4fada310de06b7

  • SHA512

    3e28ac7eb716c3d2d49dd3d0cc9e7dc2f5e114872b408f8a945a6c3f72665831a1fed122c007d43c03f934288cc79e7fa350fd4590f3adcefad75ce26a98ceef

  • SSDEEP

    3145728:u9cbifXK5iVux/hmPMVa5VjD7nmW8xK+b7Y2xiuI6ghKLGj:Wcbif65iVux/hwMSDCWgnHzxiuI6ghr

Targets

    • Target

      Goby_Red_Team_2.0.5_crack_by_hlop.7z

    • Size

      118.3MB

    • MD5

      5aaf46451cdc6bca8db526bf76484026

    • SHA1

      592bdfdf9f49e9fc2d2267aac08b80937d40f510

    • SHA256

      0f20af4a90fb5070fc602682a6117dd787d7d5a96a2645528b4fada310de06b7

    • SHA512

      3e28ac7eb716c3d2d49dd3d0cc9e7dc2f5e114872b408f8a945a6c3f72665831a1fed122c007d43c03f934288cc79e7fa350fd4590f3adcefad75ce26a98ceef

    • SSDEEP

      3145728:u9cbifXK5iVux/hmPMVa5VjD7nmW8xK+b7Y2xiuI6ghKLGj:Wcbif65iVux/hwMSDCWgnHzxiuI6ghr

    • Score

      3/10

    • Target

      goby-win-x64-2.0.5-redteam-cracked_by_hlop/Goby.exe

    • Size

      133.2MB

    • MD5

      27bd09efcf2746a98312f507d6d96f7e

    • SHA1

      ae156478009b0c89ac132af3d63249c85cf2ce17

    • SHA256

      ae12cfdb41c3dc3fc383ce5e4e2856b28cd8dee6352b047b9981b1dd51e55ce1

    • SHA512

      6bb6823809cc407aa99f53a3d5acfe5bc8ce7503fbe87bfd5dee8349dc2679562c10ea9913c48cc9865c7320df8a7424d3abac7131462247750030e12bded3e6

    • SSDEEP

      786432:vdWnQaBaRvHGYJKQSXPz9T/G2nXpf/EtBfamfrpcvFBJFoF2PScuNWqW:VxTRvHF8QS/z9zGud/ET3fcCWq

    • joker

      Joker is an Android malware that targets billing and SMS fraud.

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops file in System32 directory
