General

  • Target

    EntityClumsy.exe

  • Size

    17.7MB

  • Sample

    240104-y7gbvsagaq

  • MD5

    1704d83265851952bb65f07c6a4e4195

  • SHA1

    d0e71fcd720ecc44411a57fd432b710911034a14

  • SHA256

    893491377ed98ebb93812d1f3efdd4e2b78e0bad4c76c21fef6640a5f99530fa

  • SHA512

    9c4c7dacfb01b5d8a8ef0e411678fcfa60b9a987ed76a5e19b546144d44f91b53b46cbdce85dfe06e67f3880e4c21f0e385c7d7e4cca4d1ed988ac7b8f4437ff

  • SSDEEP

    393216:dqPnLFXlreQpDOETgsvfGFw2gzKfvEqx9X6bq:kPLFXNeQoEKWKkSXL

Targets

    • Target

      EntityClumsy.exe

    • Size

      17.7MB

    • MD5

      1704d83265851952bb65f07c6a4e4195

    • SHA1

      d0e71fcd720ecc44411a57fd432b710911034a14

    • SHA256

      893491377ed98ebb93812d1f3efdd4e2b78e0bad4c76c21fef6640a5f99530fa

    • SHA512

      9c4c7dacfb01b5d8a8ef0e411678fcfa60b9a987ed76a5e19b546144d44f91b53b46cbdce85dfe06e67f3880e4c21f0e385c7d7e4cca4d1ed988ac7b8f4437ff

    • SSDEEP

      393216:dqPnLFXlreQpDOETgsvfGFw2gzKfvEqx9X6bq:kPLFXNeQoEKWKkSXL

    Score
    7/10
    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Target

      main.pyc

    • Size

      7KB

    • MD5

      b83b6294461110de382d088291ae8b23

    • SHA1

      71e645d51d9eb0036af62193eef81136fbb5210d

    • SHA256

      8243661bcea035a41f2b795f07994255aab70c75af75e963b47d6142bf5f6992

    • SHA512

      267617f9187332caa652376e5c194e64055580b2cfd6c60f785da1e681711be846f917fc3a09932ee7b20464cd5d00a24f487af8d129db517177d70e497d72a4

    • SSDEEP

      192:wcKOeoZwRH71D8DtT6WdXwoD+RuRQJhwS3rMdw39nw:SH7JWu2+RT2SbP39w

    Score
    3/10
