General

  • Target

    freedomgpt-1.1.3.Setup.exe

  • Size

    94.4MB

  • Sample

    230508-bpbbkaac71

  • MD5

    d71e86e91c1523d75ba112f9953d551a

  • SHA1

    8b76138584149289eb771c2ca6fac65e85888b18

  • SHA256

    bf6ed975a4c4f770294623c0c2a27846c1db7e2ab6cdb272cc2080341e7f8c34

  • SHA512

    2d9c811404febcc53b99c34f03f5d0f851a8416a3cf3b18ee27944009868ff6d4abe81ac75beac0ac3e0deed1ebe20e11faaab201d3bda2ce7b1c552865ad670

  • SSDEEP

    1572864:jCgNjVW/qgFGkVyMmi82RP0F4ry9Fq8GWK/O0SzpRTrcxRYTkhQnoYqbDBZj0T:jdWZG0yM/je7qRWK/0lRTrcyBn3gDvjO

Score
7/10

Targets

    • Target

      freedomgpt-1.1.3.Setup.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Legitimate hosting services abused for malware hosting/C2
