Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
0c56b0c9bc116353a25ab0c22bcdc043ba93024e572431d920fa34ec3c4e5209
-
Size
537KB
-
Sample
231116-yla8qafa86
-
MD5
ada42bc98a05a0ffe6bc97cedc50197c
-
SHA1
3d1209bcddf2787e29d1fd354abfcbaf4ffeefc7
-
SHA256
0c56b0c9bc116353a25ab0c22bcdc043ba93024e572431d920fa34ec3c4e5209
-
SHA512
aa9619c23c1afe56a824fa980d6bf61ffb2bd1d962b6551a1569a79c1990a316df93af76700dbbcc37259ec8caeaa6f5309b19a6c32c47992efdd39f619b647c
-
SSDEEP
12288:8IHDE4QGEc9C6CBLKYOfH+OkfGhzlRYO0tHs3jiojajWv+Mb5:JjE4QGF46KLHOfeO+qctH+jdjPvRb5
Malware Config
Targets
-
-
Target
0c56b0c9bc116353a25ab0c22bcdc043ba93024e572431d920fa34ec3c4e5209
-
Size
537KB
-
MD5
ada42bc98a05a0ffe6bc97cedc50197c
-
SHA1
3d1209bcddf2787e29d1fd354abfcbaf4ffeefc7
-
SHA256
0c56b0c9bc116353a25ab0c22bcdc043ba93024e572431d920fa34ec3c4e5209
-
SHA512
aa9619c23c1afe56a824fa980d6bf61ffb2bd1d962b6551a1569a79c1990a316df93af76700dbbcc37259ec8caeaa6f5309b19a6c32c47992efdd39f619b647c
-
SSDEEP
12288:8IHDE4QGEc9C6CBLKYOfH+OkfGhzlRYO0tHs3jiojajWv+Mb5:JjE4QGF46KLHOfeO+qctH+jdjPvRb5
Score10/10-
Detect PurpleFox Rootkit
Detect PurpleFox Rootkit.
-
Gh0st RAT payload
-
Gh0strat
Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
-
PurpleFox
PurpleFox is an exploit kit used to distribute other malware families and first seen in 2018.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Drops file in System32 directory
-