General

  • Target

    generator.exe

  • Size

    70.9MB

  • Sample

    231124-swx8cacc58

  • MD5

    680ec4f15e74372f4814288d994cd602

  • SHA1

    33265e490b30eef8dc2e5740a2867e2b708974d8

  • SHA256

    e06ecabc302b098f3336fb21d126a1b69d44114f454ea9e1ba43ef599f3e53f9

  • SHA512

    ed12d9b018a5d679065abe59676a71fb9d566504b4b05cb5fda08a822cf0074b8ad29f9e656abc8c5e0613febf5320a5101d99df00baea6f3bb109cc78a80326

  • SSDEEP

    1572864:B4/4rzOchP1vtuL6AEyqYMSvEDtqJQZbXj9hCbB9MvNgqgB7:WkqcdiLZ7Do4JijEcNgqS7

Score
8/10

Targets

    • Target

      generator.exe

    Score
    8/10
    • Downloads MZ/PE file

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
