General

  • Target

    Cheater.Pro.1.6.0.msi

  • Size

    2.9MB

  • Sample

    240109-y3hn5aahh8

  • MD5

    eecb590907a5720bba1c7483f5178081

  • SHA1

    3dbded201fca12d8162705cd0c19312fb01b1216

  • SHA256

    bd9ddcb74f8eb5078d3be35af96b1b796bb4cfbc5572325cacda5fe40a2e75a8

  • SHA512

    442ee9b069d1f62910aba0e9ca1589d644751cafd432dd1fd36231bff23a87c226c616a621d85d14e3ececc54296771f072f9fbe1e554963b70348f56caeb355

  • SSDEEP

    49152:Qwp9ib+ZKumZr1q4Fb6HXr1iWnYs4ntHurpllQ6atuxtZcTreUuyZD6lvVz9VSDZ:gYKFFnWnkuxUTgvV/+lfh

Score
7/10

Targets

    • Target

      Cheater.Pro.1.6.0.msi

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Drops file in System32 directory
