General

  • Target

    tmp

  • Size

    607KB

  • Sample

    230401-xhz71adc3v

  • MD5

    88d4b33b0854a8e8855e83346db43ed0

  • SHA1

    614062b3c025aca295d894d686c06d6d87e503ab

  • SHA256

    0732e73d481ef2f0e87eddda5f2007980b029dfee54e95b515d4681ccdcb9995

  • SHA512

    d8e425eb5888d856d43bdc77c60a4df59da00f2c6fa5d539e985c15a475d97227c98b0f2d2d78d7ffb1a10a1c86d0cbef08c3cf21f0c7903eb912680860a80b9

  • SSDEEP

    6144:GM+FB2QUmqzxBL6i0pqe3O5LLFnbHaGvpoMOsYOl0WXVKFE:GM8kFmwr+igqe3EHrHrYOl0WXVKC

Score
7/10

Targets

    • Target

      tmp

    Score
    7/10
    • Executes dropped EXE

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Drops file in System32 directory
