Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
23ba3de77a14e437f3d4ceaba711474ec0d3c9074d5c414f4b5a8c25041cd4ed
-
Size
4.1MB
-
Sample
230306-t7mfnacg6z
-
MD5
898675e4d8541a43b10d356aa68076dc
-
SHA1
3d121f08ffdd84d4144473726596bef6a4e107c8
-
SHA256
23ba3de77a14e437f3d4ceaba711474ec0d3c9074d5c414f4b5a8c25041cd4ed
-
SHA512
b877a78930f1cf748bd7b0e6fd8e8f57546843203a1e5a5c0ac55b8d688cb8aba3e2ed76da73e4095b835584721a07e757fa88cf939f2b46a63b65ddf124b026
-
SSDEEP
98304:YsNdTTRx1jUsbNDzMLzrlDTE1e+B+jirSE0/52ykFUu:YMRx1V52zrlDqe+Wir90/wtUu
Malware Config
Targets
-
-
Target
23ba3de77a14e437f3d4ceaba711474ec0d3c9074d5c414f4b5a8c25041cd4ed
-
Size
4.1MB
-
MD5
898675e4d8541a43b10d356aa68076dc
-
SHA1
3d121f08ffdd84d4144473726596bef6a4e107c8
-
SHA256
23ba3de77a14e437f3d4ceaba711474ec0d3c9074d5c414f4b5a8c25041cd4ed
-
SHA512
b877a78930f1cf748bd7b0e6fd8e8f57546843203a1e5a5c0ac55b8d688cb8aba3e2ed76da73e4095b835584721a07e757fa88cf939f2b46a63b65ddf124b026
-
SSDEEP
98304:YsNdTTRx1jUsbNDzMLzrlDTE1e+B+jirSE0/52ykFUu:YMRx1V52zrlDqe+Wir90/wtUu
Score10/10-
Glupteba
Glupteba is a modular loader written in Golang with various components.
-
Glupteba payload
-
Windows security bypass
-
Modifies Windows Firewall
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Windows security modification
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Manipulates WinMonFS driver.
Roottkits write to WinMonFS to hide directories/files from being detected.
-