General

  • Target

    69994911de6f7df56bee03cc24d3d1a8bf8ea141b7bb88682c18df33db951d88

  • Size

    4.1MB

  • Sample

    231012-p3ta7acg62

  • MD5

    cfa4329a4e3bfd2be0893a696a87562a

  • SHA1

    16a57830761b39a25a822729302b6b436faab7e6

  • SHA256

    69994911de6f7df56bee03cc24d3d1a8bf8ea141b7bb88682c18df33db951d88

  • SHA512

    f4a1bb41056fd84670938dcaa00fa9cbd4e207e62598265f41829105012199a27b5223942666b06a88a5c3584915f7ec4fc1f8a99399ebf73eeb0ec1988d8b3a

  • SSDEEP

    98304:yRebotf7VEwlZaK5tBPzNfl6TiolnFsycGc2+UcSX84gbqKEDV:awotDVJZa0PYdv7ZsRTEx

Targets

    • Glupteba

      Glupteba is a modular loader written in Golang with various components.

    • Glupteba payload

    • Windows security bypass

    • Modifies Windows Firewall

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
