General

  • Target

    BloomReducer_5uTR_C8r.bat

  • Size

    17.8MB

  • Sample

    231227-3p3vcseeb2

  • MD5

    a4c3b2bb74cf716899b98ba064294126

  • SHA1

    848baacfb5bebbb19a356c85932e843c8d7b048b

  • SHA256

    3c6ab7f65df199368cf3f381e41e047c70a8bd2e93d95b8dd893b0f6ab811cc8

  • SHA512

    ad5d6f2367b558e9e6f19ca8e9a25fd4eddc4886ed654836c71f7157420fdb2d2f98f5c0fad22ed31c151e24077d8ca135f54298712b9275fd964df35c8c2aec

  • SSDEEP

    393216:PqPnLFXlrVgQpDOETgsvfGMwxgNLD+vEP2wtLyqp:iPLFXN6QoE62LD3XRDp

Malware Config

Targets

    • Target

      BloomReducer_5uTR_C8r.bat

    • Size

      17.8MB

    • MD5

      a4c3b2bb74cf716899b98ba064294126

    • SHA1

      848baacfb5bebbb19a356c85932e843c8d7b048b

    • SHA256

      3c6ab7f65df199368cf3f381e41e047c70a8bd2e93d95b8dd893b0f6ab811cc8

    • SHA512

      ad5d6f2367b558e9e6f19ca8e9a25fd4eddc4886ed654836c71f7157420fdb2d2f98f5c0fad22ed31c151e24077d8ca135f54298712b9275fd964df35c8c2aec

    • SSDEEP

      393216:PqPnLFXlrVgQpDOETgsvfGMwxgNLD+vEP2wtLyqp:iPLFXN6QoE62LD3XRDp

    • Modifies visibility of hidden/system files in Explorer

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Drops file in System32 directory

    • Target

      main.pyc

    • Size

      7KB

    • MD5

      8dd0e0695c917f1e60362e04874c1ad8

    • SHA1

      fe305045d47279c8e3f511b9171467125ac2791d

    • SHA256

      d244467b24ae13a35beffb38e94b2c11efa65a276554d343934974ad885fcf95

    • SHA512

      c9102a260331894acb43be16ae0d222432b31cdbacdb68ba3ccfef0a661c23af447f9832d3337adc0e14385a1ef8f329253d0e37efa7f2d63acd2feba4e299f7

    • SSDEEP

      192:wTxtThRPD8TDfWdXwPEFIr0JhwvBLtG6MdwhF1Hnw:UnkWudo2N7PhF1Hw

    Score
    3/10
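Three of the behaviours flagged above (the Run-key write, the change to Explorer's hidden/system-file visibility, and the UPX-packed dropped executable) can be re-checked against raw artefacts without re-running the sandbox. The script below is an added example and is not part of the tria.ge report or its detection logic. The registry events are constructed for illustration (value names such as `Updater` are placeholders, not taken from the sample), and the PE images are built in-memory by `build_fake_pe`, so everything runs offline.

```python
"""Re-check sandbox-style behaviours against raw artefacts (added example)."""
import re
import struct
from dataclasses import dataclass
from typing import List, Tuple


@dataclass
class RegEvent:
    """One registry operation as a sandbox trace would record it."""
    op: str      # e.g. "SetValue", "QueryValue"
    path: str    # full key path followed by the value name
    data: str    # value written (as text)


# Writes under Run/RunOnce are the classic "start application at logon" persistence.
RUN_KEY_RE = re.compile(
    r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\[^\\]+$", re.IGNORECASE)

# Explorer\Advanced\Hidden (1 = show, 2 = hide) and ShowSuperHidden (1 = show,
# 0 = hide protected OS files) control what the user can see in Explorer.
EXPLORER_VIS_RE = re.compile(
    r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\"
    r"(Hidden|ShowSuperHidden)$", re.IGNORECASE)
VIS_MEANING = {
    ("hidden", "1"): "show hidden files",
    ("hidden", "2"): "hide hidden files",
    ("showsuperhidden", "1"): "show protected OS files",
    ("showsuperhidden", "0"): "hide protected OS files",
}

# Constructed trace; not events from the real sample.
SAMPLE_EVENTS = [
    RegEvent("SetValue", r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater",
             r"C:\Users\Public\updater.exe"),
    RegEvent("SetValue", r"HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden", "2"),
    RegEvent("SetValue", r"HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowSuperHidden", "0"),
    RegEvent("SetValue", r"HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\CurrentTheme", "aero.theme"),
    RegEvent("QueryValue", r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\OneDrive", ""),
]


def classify_registry(events: List[RegEvent]) -> List[Tuple[str, str, str]]:
    """Return (signature, path, detail) for each write matching a behaviour."""
    findings = []
    for ev in events:
        if ev.op != "SetValue":          # only writes change behaviour; reads are noise here
            continue
        if RUN_KEY_RE.search(ev.path):
            findings.append(("Adds Run key to start application", ev.path, ev.data))
            continue
        m = EXPLORER_VIS_RE.search(ev.path)
        if m:
            meaning = VIS_MEANING.get((m.group(1).lower(), ev.data), "unrecognised value")
            findings.append(("Modifies visibility of hidden/system files in Explorer",
                             ev.path, f"{m.group(1)}={ev.data} ({meaning})"))
    return findings


def pe_section_names(data: bytes) -> List[str]:
    """Walk the PE header and return section names; raises ValueError if not PE."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ image")
    e_lfanew, = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    nsec, = struct.unpack_from("<H", data, e_lfanew + 6)            # NumberOfSections
    opt_size, = struct.unpack_from("<H", data, e_lfanew + 20)       # SizeOfOptionalHeader
    first = e_lfanew + 24 + opt_size                                 # first IMAGE_SECTION_HEADER
    names = []
    for i in range(nsec):
        raw = data[first + i * 40: first + i * 40 + 8]
        if len(raw) < 8:                                             # truncated header table
            break
        names.append(raw.split(b"\0", 1)[0].decode("latin-1"))
    return names


def looks_upx_packed(data: bytes) -> bool:
    """Stock UPX names its sections UPX0/UPX1/UPX2; a cheap first-pass heuristic only."""
    return any(n.upper().startswith("UPX") for n in pe_section_names(data))


def build_fake_pe(section_names: List[bytes], opt_size: int = 0xE0) -> bytes:
    """Construct a minimal, non-runnable PE header layout for testing the parser."""
    e_lfanew = 0x80
    dos = (b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)).ljust(e_lfanew, b"\0")
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, opt_size, 0x102)
    sections = b"".join(name.ljust(8, b"\0")[:8] + b"\0" * 32 for name in section_names)
    return dos + b"PE\0\0" + coff + b"\0" * opt_size + sections


if __name__ == "__main__":
    for sig, path, detail in classify_registry(SAMPLE_EVENTS):
        print(f"{sig}: {path} -> {detail}")
    print("UPX sections:", looks_upx_packed(build_fake_pe([b"UPX0", b"UPX1", b".rsrc"])))
```

The section-name check matches what the "UPX packed file" signature describes but is deliberately weak: a modified UPX build can rename sections, so treat a negative as "not stock UPX", not "not packed", and confirm with entropy or an unpacker. The registry classifier only looks at writes; reads of the Run key (as the last constructed event shows) are common and not by themselves a finding.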

MITRE ATT&CK Enterprise v15

Tasks