General

  • Target

    MultiExploitBuilderV1.exe

  • Size

    2.2MB

  • Sample

    230922-gdpygadf21

  • MD5

    b9fa659bd0b2b103521c686ecf3da2c7

  • SHA1

    21427801d6d99aff543964fe8f685faa196cf8f2

  • SHA256

    99a6966aea833fa53e11681cb19b336abd176eb1e477fdde957ec11954e7086d

  • SHA512

    c25bd26b8e9aba2df095e1a964a8a92c25b800a7604330ca6ee1ece89e6b680897af216905ecb40b4a4d7228a1fe857c11707248590839e7ecd2ef6c431a05d4

  • SSDEEP

    49152:bqe3f6lnC3KqopqB8YwuJQ9iEpWHGG2J/:WSi1qKqBOSwTCwR

Targets

    • Target

      MultiExploitBuilderV1.exe

    • Creates new service(s)

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Legitimate hosting services abused for malware hosting/C2

    • Drops file in System32 directory
