General

  • Target

    86708573785c3eaff0a6a5295bdb2b61

  • Size

    78KB

  • Sample

    240201-kmncsahhcn

  • MD5

    86708573785c3eaff0a6a5295bdb2b61

  • SHA1

    218eb32d41e4506c327c47e21e1ded982fc89db4

  • SHA256

    a32ee6a1016da3fa161567b7c6076f04349bbf68dd8d0121216dc87d945a8291

  • SHA512

    932e1ef0b38eebad4ecc355a52350c7f998262af132817c0a27833e961eeb6b6602cb6acedb0dd2cc4bca21d5bb6e0935a63ea2f7db7858db07176616b7f6c98

  • SSDEEP

    1536:sCHFo6M3xXT0XRhyRjVf3znOJTv3lcUK/+dWzCP7oYTcSQten9/S1/p:sCHFon3xSyRxvY3md+dWWZyen9/y

Targets

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application