General
Target: 39e9e5fcf2eb808ebd4d627e66e4a041bf8dd9456d5e2621168361d69804e125
Size: 4.2MB
Sample: 230318-lle6fsbg94
MD5: a1596dd108deecd3fbf941d40715bd9e
SHA1: 2e1e9981ea2e2f19a538f34d7f18401187b17917
SHA256: 39e9e5fcf2eb808ebd4d627e66e4a041bf8dd9456d5e2621168361d69804e125
SHA512: ddf4460988b7899149478c95e4d247f2c477739883a3e61f99b37005d753aae4b7e12d30168743b932d72968ac4446a7814f29f07bfe31415322ace6e117b45f
SSDEEP: 98304:YRfGpuCYDDVEUYXn42HewTcx1KgzE5K6TSJqUpUH9sltMp:tuVDDVFLoUxz2TSJq8UH9+W
Static task
static1
Malware Config
Targets
Target: 39e9e5fcf2eb808ebd4d627e66e4a041bf8dd9456d5e2621168361d69804e125
Glupteba payload
Modifies Windows Firewall
Executes dropped EXE
Adds Run key to start application
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
Legitimate hosting services abused for malware hosting/C2