General

  • Target

    mkhg_Invoice_PurpleFox.msi

  • Size

    2.9MB

  • Sample

    231011-yym32sae8t

  • MD5

    eb9a4cf233789b96f940be0186a26988

  • SHA1

    002a1cee740fa212732379d1f00dbcf7c0cccbf2

  • SHA256

    24d40ba4bf19e3cb942918eb8091ab467b11d5d737aef8e37cffc5306d0081d8

  • SHA512

    725eefc24cf43ad0d5022f20608b1d149e9a4285cde7dc21b621aca3647d402a2ac7a2c0751614bae5f6d98c2b52e280e471f7f67f8916041c042bd1911784ce

  • SSDEEP

    49152:irOlrXVVdWi59GUrSLzeaVtFUaQfqZ2jQbfcOQHe1XPVZNA+ta7Knc9vQXBlBKFk:xlFFrEYY7LXPPdHsGBlB8h24BKM

Targets

    • Target

      mkhg_Invoice_PurpleFox.msi

    Score: 8/10

    • Stops running service(s)

    • Loads dropped DLL

    • Modifies file permissions

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
