General

  • Target

    JC_817492ecf2bf99cefbae7f2597ff273b62aaa0abde51176eabc89485840b10b7

  • Size

    4.2MB

  • Sample

    231013-c6axssbb6t

  • MD5

    902a6864c77a1156e2acf968217fc068

  • SHA1

    c721a18cf0f7577f1b034c2867fa6e787d20b66a

  • SHA256

    817492ecf2bf99cefbae7f2597ff273b62aaa0abde51176eabc89485840b10b7

  • SHA512

    273c2e0ccf0fbd42611d1e190ce53620dac19b209a12840b8ca3ffc9744b271ca5246ff0ad269f57aa2cd7364f3642386bdde44beb3c566bf0f80bb0b90b77c8

  • SSDEEP

    98304:v2LSaMsua00GVP4yTqyN9qqOwAlVOkMhr2c+PXxYGrYCnb5iVp8:uSaMsn00OaEsJO3hCc+Prbkg

Targets

    • Glupteba

      Glupteba is a modular loader written in Golang with various components.

    • Glupteba payload

    • Modifies boot configuration data using bcdedit

    • Modifies Windows Firewall

    • Possible attempt to disable PatchGuard

      Rootkits can use kernel patching to embed themselves in an operating system.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
