General

  • Target

    e9eec37a4381fbec9df5885ef3910a03b3716887140b24a5fe40986fbe0f89c8

  • Size

    4.0MB

  • Sample

    230213-gx4kzabc87

  • MD5

    718b1f4da900d3cc3a85aaa4c9794ef7

  • SHA1

    9e097e57fca33e139dd3b7822e244089d1c9b400

  • SHA256

    e9eec37a4381fbec9df5885ef3910a03b3716887140b24a5fe40986fbe0f89c8

  • SHA512

    53785706338431059178789d63e9028dc75caa356ad27e93ef4d8e638d4f894488e06d2f5a1fd32afbe8c09b22f634e6822b62f3b0899cf00d4786a3ffcf3358

  • SSDEEP

    98304:A/1b7b9hEAaAQUgwHPbVxqLAMIMZEh4JWJtLd+QfvHJT9:i93LbOMMsYq+EBJ

Targets

    • Glupteba

      Glupteba is a modular loader written in Golang with various components.

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Modifies Windows Firewall

    • Executes dropped EXE

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
