Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

172dfff094...13.exe

windows7-x64

7

172dfff094...13.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    172dfff0948ffd964f872b14eb7f6913

  • Size

    78KB

  • Sample

    231230-nmpgmabca3

  • MD5

    172dfff0948ffd964f872b14eb7f6913

  • SHA1

    46210c7ff6e8c9478ab56a2b6fc51abeb884e99a

  • SHA256

    89ae493ed4bd8d89f3c014ddb2047be9a96c81b63039c9de35e115424ab32940

  • SHA512

    dcb45cc02b1d2b501ae687362eacdf9186d7872a4d24c62143f7310a93327a0bcde420ad303be80ce3d567cd2426b2673bd26f990ff714ff4a0b53397ed8b668

  • SSDEEP

    1536:zWV58/dy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQtC6F9/U1l/:zWV58en7N041Qqhgt9/M

Score
10/10
metamorpherratpersistenceratstealertrojan

Malware Config

Targets

    • Target

      172dfff0948ffd964f872b14eb7f6913

    • Size

      78KB

    • MD5

      172dfff0948ffd964f872b14eb7f6913

    • SHA1

      46210c7ff6e8c9478ab56a2b6fc51abeb884e99a

    • SHA256

      89ae493ed4bd8d89f3c014ddb2047be9a96c81b63039c9de35e115424ab32940

    • SHA512

      dcb45cc02b1d2b501ae687362eacdf9186d7872a4d24c62143f7310a93327a0bcde420ad303be80ce3d567cd2426b2673bd26f990ff714ff4a0b53397ed8b668

    • SSDEEP

      1536:zWV58/dy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQtC6F9/U1l/:zWV58en7N041Qqhgt9/M

    Score
    10/10
    persistencemetamorpherratratstealertrojan

    • MetamorpherRAT

      Metamorpherrat is a hacking tool that has been around for a while since 2013.

      trojanratstealermetamorpherrat

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks