General

  • Target

    Loader.exe

  • Size

    37.3MB

  • Sample

    240217-1ej86aah9y

  • MD5

    8cd0d008be24ccab19c5cd9892640ad7

  • SHA1

    a7574dc239c8ed4267f8c0291d261c05b7317340

  • SHA256

    37a5aed8e8c4d56a9bffed1975aabde0f7042cbc5ee3ec466eff3644847d2de2

  • SHA512

    82253aaf7ac1a1814893b28338bd2ed0c59db77d679c010c05c98af2efb9ba6f01c14adf5f93f77116d4f1540a82ebc5b5e266b90e77d28dd7623d92b0043250

  • SSDEEP

    196608:hrKcMmWih8FwjTqopVmD0LYeNYiFJMIDJRZgsAGKlR2ftk2cbN2wFLcbVM3:FKc9WLFx4w0LXpFqyLgsSmxcbQccx

Score
7/10

Targets

    • Target

      Loader.exe

    • Size

      37.3MB

    Score
    7/10

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Target

      Loader.pyc

    • Size

      27KB

    • MD5

      b177d0351ac47689722ed71cca260948

    • SHA1

      560d0749d713fdef65c6b92ec29f4e9277c4066f

    • SHA256

      16ba144ab4bec59328aae25da6baa5daaf485e1f339607ffb6edc47671c72fa8

    • SHA512

      89f7710a577746d257f03be938bf7e867106f98fff3135dd359dfa3145626e9af0a9906cc5110f0c30f3fa10621e33ffdcad082b7934cfd115a6ce3ac8ffce3b

    • SSDEEP

      768:ktBfOjDXCzzm9U4VwbgtlI560vrGSj8jdGHOaTFp4/n2:kt4XiP4Bl4vrNj8jA/34/2

    Score
    3/10
