General

  • Target

    4f8670f1f3022f7fde10833446afb03a229f11a3e308d5659cb2db535975996e

  • Size

    4.1MB

  • Sample

    231106-bh8ngsgh35

  • MD5

    346f7cec1ca5e01ad4915782a9766e2f

  • SHA1

    2626ca931cf677616212e7cb42c813425da7b597

  • SHA256

    4f8670f1f3022f7fde10833446afb03a229f11a3e308d5659cb2db535975996e

  • SHA512

    4e1abff954a2601dc89800ae37d4416655c10918bc85a20cd794b001eb0b9d8ad41dfc5f6b538fc2d0f321b060f7513886953038382f6547c356cabbbe25f1a5

  • SSDEEP

    98304:NdTo180BUDmy/cmtnZjtg+GKFSPeUtG02X:/oC0KDjtJUtG0e

Targets

    • Glupteba

      Glupteba is a modular loader written in Golang with various components.

    • Glupteba payload

    • Windows security bypass

    • Modifies Windows Firewall

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application

    • Drops file in System32 directory
