General

  • Target

    f5e88b7c5e063fff605801de19fbda09d11c34f44331f29997ed7e4f6c157e64

  • Size

    4.1MB

  • Sample

    230930-j1k9xahh2w

  • MD5

    09f31947bf0d848ef5cd3d55ebe4acf1

  • SHA1

    fddb4dc104332c3b832751e913b7d8cc28a7e13c

  • SHA256

    f5e88b7c5e063fff605801de19fbda09d11c34f44331f29997ed7e4f6c157e64

  • SHA512

    ccfcbfdba73d041d006eff4aec539405bef766f85f02e419a92ef900fcc8002d0b36fe450757ca991d3f68325c8c4d387c34ab3a0aa2d7857ad5a6d47f6113e0

  • SSDEEP

    98304:+I8OPHwS8OmnWXU606R0g8wMu6/PruMGJPN5t0XL:R8OPQS86/06t2NG1Zo

Targets

    • Target

      f5e88b7c5e063fff605801de19fbda09d11c34f44331f29997ed7e4f6c157e64

    • Glupteba

      Glupteba is a modular loader written in Golang with various components.

    • Glupteba payload

    • Windows security bypass

    • Modifies Windows Firewall

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application

    • Drops file in System32 directory
