General

  • Target

    e7a02922687ff5c47aa236a92977a7ac3145068210e4a1b8a24559ea99feea3d

  • Size

    4.2MB

  • Sample

    231116-gdqvrsha9y

  • MD5

    77aef547ab6abb3c133c8380a609a3b4

  • SHA1

    730d3298f045523be4063590891740c5b47e165f

  • SHA256

    e7a02922687ff5c47aa236a92977a7ac3145068210e4a1b8a24559ea99feea3d

  • SHA512

    bd86565457817b084117bca5120cd65b77a3a03023e75b6f0a1547f05b09a4e0770dc4b8434e350b92e562785f19d66160585241c4209339babd848155bb2272

  • SSDEEP

    98304:09M9U+zveFd8itJtRStO0JWkONG13pGEcE42kp:KcU+z0d8IJt4lh8GtpG7X

Targets

    • Glupteba

      Glupteba is a modular loader written in Golang with various components.

    • Glupteba payload

    • Windows security bypass

    • Modifies Windows Firewall

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application

    • Drops file in System32 directory
