General

  • Target

    SecuriteInfo.com.FileRepMalware.30879.27903

  • Size

    873KB

  • Sample

    230823-bw4xfsad5s

  • MD5

    caf76701dede999bd732180bfeb903d6

  • SHA1

    9dc98f3c210b2b78381db8fb343b38383868f4e8

  • SHA256

    a118bad62d2047fe8e2ad0cdb3aee9dd0be8daabd287e72e057531675feec3e8

  • SHA512

    5263960477620ba81c5f8cdc9cb9961127074b1d80b1581d43a0079e85f543c1fb0230b1f31ce4e366f7d8878882ecd28b8ad89f075d4dc497899465100d716a

  • SSDEEP

    12288:YZCeC1AgCsu2UL5Jb2k6woR6DSsijzmv4TsdqyL7W2NYpK/kumpP68rL9Um:AhC1yXLvR6wYsGzO/ahK/kumpP68rSm

Score
6/10

Malware Config

Targets

    • Adds Run key to start application

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks