General

  • Target

    284aa4c432281783eaba38d0722581e71ff2b9529bdfda544a7003f5fbd9c383

  • Size

    4.1MB

  • Sample

    221106-phvnhsddbr

  • MD5

    f65d90e79d2bfd3659555c893b86a4c2

  • SHA1

    d4d7cc43f631eccddb0416c7e112f5b15af3717b

  • SHA256

    284aa4c432281783eaba38d0722581e71ff2b9529bdfda544a7003f5fbd9c383

  • SHA512

    ab14f1342ff0e53c9693919cceebd06a58ff2c10e8fa5dac1f443b247f484c2dbf01ddd659489ff1ebb9250354a85b6de7ac0c91534a0321a9b3ef19b4d4217c

  • SSDEEP

    98304:5xH8Ud5H1YyQ2kPqMRCFbuDxFUyBSci29FG3oiQA8MumSDMYBRtn:X8Ud5H1YorgDVUhL8Mu6wfn

Targets

    • Glupteba

      Glupteba is a modular loader written in Golang with various components.

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Executes dropped EXE

    • Modifies Windows Firewall

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
