General
-
Target
45cf09e26acea6e9d65bfef33939f4cc.exe
-
Size
4.4MB
-
Sample
240106-mefzvaegh8
-
MD5
45cf09e26acea6e9d65bfef33939f4cc
-
SHA1
0f8fde24d0f0cabbcfcd97eb1b7ae84f4cbd4331
-
SHA256
b25b92d25b55c23f75775f1f50e83d5efc2881e8bdb02c0d2a3c3b4b21ccb9eb
-
SHA512
8913e691f5e6f449cad2d0836635b148b0fc98411218b7f2f4920b40cb8ad9ae8b385a88806a045aaeca477076180ab3087519e0d1ab4345bac82a9739a9af35
-
SSDEEP
98304:YoIRGeaWtfnBWWGqJlOOpLFWikkLMXwxFr8oiWtWKo4pX0x:mvnhGqJlOOjWRkLMAxFDF9
Static task
static1
Behavioral task
behavioral1
Sample
45cf09e26acea6e9d65bfef33939f4cc.exe
Resource
win7-20231215-en
Malware Config
Extracted
metasploit
windows/single_exec
Targets
-
Target
45cf09e26acea6e9d65bfef33939f4cc.exe
-
Glupteba payload
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Modifies boot configuration data using bcdedit
-
Modifies Windows Firewall
-
Possible attempt to disable PatchGuard
Rootkits can use kernel patching to embed themselves in an operating system.
-