General
Target: 39a3c40e26cb4b4ccfea49c2e19fa6d73ba5fe9835029f2ceedfb2eeece5eee0
Size: 4.2MB
Sample: 230402-f9te4agb9s
MD5: e252e521ad62df9660d66c0a5bc69ca0
SHA1: a89230ab0a49bbc36b148be5b9b2f09fc7c7964a
SHA256: 39a3c40e26cb4b4ccfea49c2e19fa6d73ba5fe9835029f2ceedfb2eeece5eee0
SHA512: f5ec1b4bc9357da71e08921729e383d75015ed29826529ed57ea2e7cfeccea07ae2e7e2c6a41b32eb1110f4310170ca970a5c967048beb4034b95fb8a2620a0a
SSDEEP: 98304:ODZilh53ArGGvY7rdAmxjeXHOA8Aht4o2/1m1mco/T8nIu:O0lhpArG1dlk+xAvr0UMgnIu
Static task
static1
Malware Config
Targets
Target: 39a3c40e26cb4b4ccfea49c2e19fa6d73ba5fe9835029f2ceedfb2eeece5eee0
Size: 4.2MB
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Legitimate hosting services abused for malware hosting/C2