Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    84ec1faa102886b5298fbcfd6c03b23ad122ae667ca26d35a056428ddfa1bddd

  • Size

    4.2MB

  • Sample

    221206-wpdf5sbb46

  • MD5

    9e87cde8558eaaa42dec1e63672f79ad

  • SHA1

    584ecae7b988f4cac073e772da906f6c49673102

  • SHA256

    84ec1faa102886b5298fbcfd6c03b23ad122ae667ca26d35a056428ddfa1bddd

  • SHA512

    a2f6f21e94e05f5a2d5ecedf73f9ce1e37c1de55e2028ef42661106269c1e7e702501d11d926dcb90bd8b614243af8ce542fc30185d6e87fbe2fe946057706bc

  • SSDEEP

    98304:IhIEZOuzMuX5ajZEuYKK/pnfy0dBCSVb/gMpC+5PUrDjjIK3QHcb/:5EZO6cfYX/E0bReIcrfjbh/

Malware Config

Targets

    • Target

      84ec1faa102886b5298fbcfd6c03b23ad122ae667ca26d35a056428ddfa1bddd

    • Size

      4.2MB

    • MD5

      9e87cde8558eaaa42dec1e63672f79ad

    • SHA1

      584ecae7b988f4cac073e772da906f6c49673102

    • SHA256

      84ec1faa102886b5298fbcfd6c03b23ad122ae667ca26d35a056428ddfa1bddd

    • SHA512

      a2f6f21e94e05f5a2d5ecedf73f9ce1e37c1de55e2028ef42661106269c1e7e702501d11d926dcb90bd8b614243af8ce542fc30185d6e87fbe2fe946057706bc

    • SSDEEP

      98304:IhIEZOuzMuX5ajZEuYKK/pnfy0dBCSVb/gMpC+5PUrDjjIK3QHcb/:5EZO6cfYX/E0bReIcrfjbh/

    • Glupteba

      Glupteba is a modular loader written in Golang with various components.

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Executes dropped EXE

    • Modifies Windows Firewall

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks