General

  • Target

    BypassLoader.exe

  • Size

    803KB

  • Sample

    231013-c9dg4abc5v

  • MD5

    7a55ed8e73f430327a2c8b189d837cd5

  • SHA1

    ddbd958dc03cc94b4d7f035edc10826b8959c965

  • SHA256

    31045e8b843ce541daf06fd133180f8ff675b3f9b729a11c85c3137fab188256

  • SHA512

    ee8a6d6d6a284af233559b604d26be71b5079aa4c6619a2733fef8f3d60be3a9f09a617d1ec82094a23e9ba9aed0a81ea3ce25daab3ec49d10e57da0ca3aa316

  • SSDEEP

    12288:QBCb1unQrlLM3z7PBWmEUWXS+CO0G03NquQENps9US+F:QIRhLM3QOwS+OG8YzENpf

Score
10/10

Targets

    • Target

      BypassLoader.exe

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • XMRig Miner payload

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Suspicious use of SetThreadContext
