General

  • Target

    813d637ec255781399bc651bc1e61b87

  • Size

    98KB

  • Sample

    231220-d4appaacgp

  • MD5

    813d637ec255781399bc651bc1e61b87

  • SHA1

    f0507a59c9d52c334cbd1a922682cb469d431260

  • SHA256

    cbd471a4ad96ad6016036e0295490ed833905fa2de4bd52dd6e8875b5d103b73

  • SHA512

    fc26a25677f7005e55b8df5ddd1d5015dce8cfd2c7fe34e6535d71e9a2d980a1d93065cd06d04094b2d7bf59d7e1e6425490987407a996a164f73c3c59e1f6aa

  • SSDEEP

    3072:K3Z7pJf6yG2i5HLdnxYMK9nCdsm4KKcXuGggYBK:AsDxhdxYlCKm4KKcXNggYBK

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

102.165.48.81:17769

Targets

    • Target

      813d637ec255781399bc651bc1e61b87

    Score
    7/10
    • Changes its process name

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
