General

  • Target

    Cheat RageMp.rar

  • Size

    5.8MB

  • Sample

    240222-1hn2hsfg87

  • MD5

    9ac109fae328864e9873d062f5196c82

  • SHA1

    8baf0cb19af034b7428c679fc40b304e8d8c3246

  • SHA256

    4aa93200a8793997e2d8b903f13679970a31ebd058e28162f18e226848c2f62a

  • SHA512

    bcc19000bac31531b8666f0438a6bcb74864db8bb1202bbb6a3977652ebc6d7f08f4dc19c6e48aaf2db6281f723cc57d5d7cbf41babbf7ee68de590d1bb5cdfc

  • SSDEEP

    98304:cYyalLJjHjwm3Qg4B8f80FBpMByT0SwIpRhTAwYO1PZdDT53Eqxoq/92r6aHQQS4:zrlNjTQgG3uvMByT0S7ThTAXO1PZ550R

Score
7/10

Malware Config

Targets

    • Target

      Cheat RageMp/Cheat RageMp.exe

    • Size

      5.9MB

    • MD5

      ec78bb3c53387a3c3e575142087784c6

    • SHA1

      262249f489cb050efc0aa4e37feab8dd6a0ee7bf

    • SHA256

      f24801c5732b09537f6084c6e0e876b1329855a085ff25d158ba4496a6c452ac

    • SHA512

      1c6aa4ddb8886c81bda010d2afc20e618386190444c78208774ac281d219e15f23f7504344e56f479a8595a7de97021f2cef052657e43ff6787f1255397c5382

    • SSDEEP

      98304:MRr+WCvF7a9i65sn6Wfz7pnxCjJaWlpx1dstaNoSwKHf1c3zwCMOueAeFV9oakAr:MIbFsDOYjJlpZstQoS9Hf12jKXqiahr

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops desktop.ini file(s)

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
