General

  • Target

    e5f35a540a59ceec36f25192fd501a85278b575cbff601980c946a373fc914b2

  • Size

    4.1MB

  • Sample

    231112-vwr3fahd31

  • MD5

    20346c14a5d6046612dfef269d0dddb0

  • SHA1

    544c70b6b4202706eafcd3cf8bf399a1bb113e72

  • SHA256

    e5f35a540a59ceec36f25192fd501a85278b575cbff601980c946a373fc914b2

  • SHA512

    03a6264cb1f3f54071bacf7d5c63ff5bb076e899d1b66ba8a0dd6debccf439f4615879fdf020ff116b758a4a384836d78639136b36891a960d4e0cd3bed78c44

  • SSDEEP

    98304:T4m/rubTkpC5ed0r3eLOS0vwOeytex7jRmkVQw7tg8Zt:sm/rubTXr3e7Dx7jM87tlH

Targets

    • Glupteba

      Glupteba is a modular loader written in Golang with various components.

    • Glupteba payload

    • Windows security bypass

    • Modifies Windows Firewall

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application

    • Drops file in System32 directory
