General

  • Target

    LeagueFVM_V2.exe

  • Size

    17.7MB

  • Sample

    231208-eqf5zsad6t

  • MD5

    17cdc8d5ee9f1bb4f3da1139241306c3

  • SHA1

    afcca70481d5eb2fd9cf942920db9d1afb485d0f

  • SHA256

    0a4a9980d4c5cbd5f4489580e663b0d8026ba92c41369dda4e70980c15de645b

  • SHA512

    b6f468271dd35bbb4c44e88ec190104560de67163716925b71978456f6c7d29720c69aede0254903363b2ad4a29bc5eca7870dd1b05c1cd27ea3364f74e44b69

  • SSDEEP

    393216:9qPnLFXlrVgQpDOETgsvfGatgmr2vEKwwBmcL6q:EPLFXN6QoEphjKoir

Targets

    • Target

      LeagueFVM_V2.exe

    • Size

      17.7MB

    • MD5

      17cdc8d5ee9f1bb4f3da1139241306c3

    • SHA1

      afcca70481d5eb2fd9cf942920db9d1afb485d0f

    • SHA256

      0a4a9980d4c5cbd5f4489580e663b0d8026ba92c41369dda4e70980c15de645b

    • SHA512

      b6f468271dd35bbb4c44e88ec190104560de67163716925b71978456f6c7d29720c69aede0254903363b2ad4a29bc5eca7870dd1b05c1cd27ea3364f74e44b69

    • SSDEEP

      393216:9qPnLFXlrVgQpDOETgsvfGatgmr2vEKwwBmcL6q:EPLFXN6QoEphjKoir

    Score: 7/10

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Target

      main.pyc

    • Size

      7KB

    • MD5

      6d1b1df31c5c55c358a1aaec516a2b0f

    • SHA1

      3e8105cb808dbdf210b3c7cb93c4f0374a62239d

    • SHA256

      9182e3f9f9aa12b8ab82dc23f753697209f87cf962e9bceae07112ab33db5218

    • SHA512

      0a813c6bc36775875fa55f0f2c00049f0c78133f1fe1a65f26cd7b22491f7ee2249e5318a80fe05e64df943a5b5f348b5c92e52751af6a89459d5b6ca1968e02

    • SSDEEP

      192:w8Q2WD8QjWdXw9yDP0HimuJhwdX2aISMdwIa4xnw:9Q22Wu9y6jy2dmuPvIw

    Score: 3/10