General

  • Target

    825280709d491728cded1f35ec03e8777e73a792ab557695d17a4414504428ce

  • Size

    114KB

  • Sample

    221107-ytx3fsfeb5

  • MD5

    04e0335ba46c6fb87c2e98cf58bafdc6

  • SHA1

    985844b75616173aef12353e05440cf49abeee7a

  • SHA256

    825280709d491728cded1f35ec03e8777e73a792ab557695d17a4414504428ce

  • SHA512

    2b2b57e1792335c1cf1a3799755e9cfb837a3542ca4ac888785ba6c40935f49815c79a274f50c0df8f6018737fb9696bb9abf66f6826ec269062c4840a3dcaf7

  • SSDEEP

    3072:Eoy8j7VnNdrPHaSekwi+mWJJlQlDADkLAout6:08jZ7rvaU3+mWJk0DfoS6

Malware Config

Targets

    • Target

      825280709d491728cded1f35ec03e8777e73a792ab557695d17a4414504428ce

    • Size

      114KB

    • MD5

      04e0335ba46c6fb87c2e98cf58bafdc6

    • SHA1

      985844b75616173aef12353e05440cf49abeee7a

    • SHA256

      825280709d491728cded1f35ec03e8777e73a792ab557695d17a4414504428ce

    • SHA512

      2b2b57e1792335c1cf1a3799755e9cfb837a3542ca4ac888785ba6c40935f49815c79a274f50c0df8f6018737fb9696bb9abf66f6826ec269062c4840a3dcaf7

    • SSDEEP

      3072:Eoy8j7VnNdrPHaSekwi+mWJJlQlDADkLAout6:08jZ7rvaU3+mWJk0DfoS6

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • UAC bypass

    • ModiLoader Second Stage

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks