
General

  • Target

    loader.exe

  • Size

    17.6MB

  • Sample

    240102-tae1bahagq

  • MD5

    3232a00b6b167bee1e1c7c746e295967

  • SHA1

    3b3ed50193a3094947cad30de1bbef9fbba1a4de

  • SHA256

    956a268fd0f7a131c0a4a738f815aea3cbddfdc3961607baff3ed881efe4843d

  • SHA512

    464f1269f7aba14875c03841c8ddbae67291d8e24deb3061d6e3238837a1daffa2d28323126debc38c851b0481d3a740299c35b20f6c1d12fbad0e74d37341e7

  • SSDEEP

    393216:qqPnLFXlreQpDOETgsvfGFwSgNyvEzETlLtq:/PLFXNeQoEu2LApY

Malware Config

Targets

    • Target

      loader.exe

    • Size

      17.6MB

    • MD5

      3232a00b6b167bee1e1c7c746e295967

    • SHA1

      3b3ed50193a3094947cad30de1bbef9fbba1a4de

    • SHA256

      956a268fd0f7a131c0a4a738f815aea3cbddfdc3961607baff3ed881efe4843d

    • SHA512

      464f1269f7aba14875c03841c8ddbae67291d8e24deb3061d6e3238837a1daffa2d28323126debc38c851b0481d3a740299c35b20f6c1d12fbad0e74d37341e7

    • SSDEEP

      393216:qqPnLFXlreQpDOETgsvfGFwSgNyvEzETlLtq:/PLFXNeQoEu2LApY

    Score
    7/10
    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Target

      main.pyc

    • Size

      7KB

    • MD5

      bf3aae7ae48bfea005e6b8b45c6e46b1

    • SHA1

      6f73ec91450e96868cd29b80d62a5fd917ecbad3

    • SHA256

      1ebffcbd4407050927d8505b87a8b37016aaa02ee151c250bc2ff71231a99409

    • SHA512

      86531a4e085add134ce8257def39f3a99dfe8a6a4775de3ce38fbc845b41cce6965d591a7fd85438936ba4e9ebbbf9d16e4637d49194ee75bee5c59b78259cb9

    • SSDEEP

      192:wKUuc6BnD8OGXWdXwpP7+5fAcJhwlrhirMdwbnw:7USL8WuF+fD2lrhsPbw

    Score
    3/10
