Resubmissions
14/11/2023, 16:34
231114-t3fsbacd46 10
General
- Target: 04b82eadb3e48f50fd2a7cdd8bf7a2a77e50dc89ae4ff4c31a981a9fc8e7c5bd
- Size: 4.1MB
- Sample: 231114-t3fsbacd46
- MD5: 2f1633d2b4d6848195ca27c6b7906e8f
- SHA1: a57f17b0b2c099bde00c9dec1d7588446babce8e
- SHA256: 04b82eadb3e48f50fd2a7cdd8bf7a2a77e50dc89ae4ff4c31a981a9fc8e7c5bd
- SHA512: 1e1d59e92d9d368c733f1095001484b2be84b7506a328b572cb8aac0e3001c28a827419e2f6db5987efdcc65dd430e7ddc7095852ff5b2517db812c5f6f14619
- SSDEEP: 98304:Z7YetR2/ObkBMEj9rmVW9e77Li2Fiew6uB/31:5Yetgi2nj9yD7vi2+6up1
Static task
static1
Malware Config
Targets
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution: 1
- Registry Run Keys / Startup Folder: 1
- Create or Modify System Process: 1
- Windows Service: 1
- Scheduled Task/Job: 1