Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
cf58b207bf60574254b7bce9f588a36fa9d2466128403c3d1eb8b85f1be84351
-
Size
374KB
-
Sample
231231-qs7lhaehh4
-
MD5
6c2c08f590997758a68212c53ffc2f0c
-
SHA1
e6878c8da32a8e4a1f41b0551df980a36f897f42
-
SHA256
cf58b207bf60574254b7bce9f588a36fa9d2466128403c3d1eb8b85f1be84351
-
SHA512
5153737d6290bb6cff4bb1e237a8d3a20603c7e69eec8af6999092c81f13976d43bcc910ab5c77fa887c7b96182efb065137541235f50d354aa099b97b8502a5
-
SSDEEP
6144:NjO+L1Czkq7KTW1Dl/saQ9rtYm3okqoBSpH50KcddsVRZdaiYviQJqOC5cpQwmB:ZMzpOTY+JzYmE7R55udm7U5JTqwe
Malware Config
Targets
-
-
Target
cf58b207bf60574254b7bce9f588a36fa9d2466128403c3d1eb8b85f1be84351
-
Size
374KB
-
MD5
6c2c08f590997758a68212c53ffc2f0c
-
SHA1
e6878c8da32a8e4a1f41b0551df980a36f897f42
-
SHA256
cf58b207bf60574254b7bce9f588a36fa9d2466128403c3d1eb8b85f1be84351
-
SHA512
5153737d6290bb6cff4bb1e237a8d3a20603c7e69eec8af6999092c81f13976d43bcc910ab5c77fa887c7b96182efb065137541235f50d354aa099b97b8502a5
-
SSDEEP
6144:NjO+L1Czkq7KTW1Dl/saQ9rtYm3okqoBSpH50KcddsVRZdaiYviQJqOC5cpQwmB:ZMzpOTY+JzYmE7R55udm7U5JTqwe
Score10/10-
Detect PurpleFox Rootkit
Detect PurpleFox Rootkit.
-
Gh0st RAT payload
-
Gh0strat
Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
-
PurpleFox
PurpleFox is an exploit kit used to distribute other malware families and first seen in 2018.
-
Drops file in Drivers directory
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-