Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
bf2eb931487038b394805f31e587edae17f86544cc982575db0f39279ab7b40f
-
Size
4.0MB
-
Sample
230213-m93r4acc2x
-
MD5
8ba03b75db3188dadccc3a970255b49c
-
SHA1
7e66c32cf30c8c1d43bc46b63cf14e6daea55bce
-
SHA256
bf2eb931487038b394805f31e587edae17f86544cc982575db0f39279ab7b40f
-
SHA512
841b8cf84881473bea13ec00e31622abf980135da6de6341dd6f06d80afb5a8a65b03b09657fc1b6485e21a9ac2b70865aa382f3915d8626598bdb7c044be738
-
SSDEEP
49152:B2DhrW4INFN9HYWDUEksBHazfb+Sudew96o8R5aMeaDZnWxqlzBOfQu8vGWq4aaF:MiNtY7EkdVw4o8HaMWxq3Of4+dDiXelS
Malware Config
Targets
-
-
Target
bf2eb931487038b394805f31e587edae17f86544cc982575db0f39279ab7b40f
-
Size
4.0MB
-
MD5
8ba03b75db3188dadccc3a970255b49c
-
SHA1
7e66c32cf30c8c1d43bc46b63cf14e6daea55bce
-
SHA256
bf2eb931487038b394805f31e587edae17f86544cc982575db0f39279ab7b40f
-
SHA512
841b8cf84881473bea13ec00e31622abf980135da6de6341dd6f06d80afb5a8a65b03b09657fc1b6485e21a9ac2b70865aa382f3915d8626598bdb7c044be738
-
SSDEEP
49152:B2DhrW4INFN9HYWDUEksBHazfb+Sudew96o8R5aMeaDZnWxqlzBOfQu8vGWq4aaF:MiNtY7EkdVw4o8HaMWxq3Of4+dDiXelS
Score10/10-
Glupteba
Glupteba is a modular loader written in Golang with various components.
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-