Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

a159cb41fb...c3.exe

windows7-x64

10

a159cb41fb...c3.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a159cb41fb774addaa90dcd79ad5bdc3

  • Size

    78KB

  • Sample

    240224-jt3wdadh59

  • MD5

    a159cb41fb774addaa90dcd79ad5bdc3

  • SHA1

    a5440ae698758676f7a9cfad55969f898b45e9f2

  • SHA256

    655584d79282fc1d930fefde09cf190ae2e9ff72cab59a828b73f6e86101b316

  • SHA512

    f1ca3b602a01f5f7aecc848bf4519e6e1927fa94d59ad54126ffcbf51e8e66d86093df6612761ab7c17d5ad5c504f15611b01cc6638eb84668c2a3b1d1ff942c

  • SSDEEP

    1536:EPWV5jScdy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQtC6j9/2S1EP:EPWV5jSrn7N041QqhgL9/I

Score
10/10
metamorpherratpersistenceratstealertrojan

Malware Config

Targets

    • Target

      a159cb41fb774addaa90dcd79ad5bdc3

    • Size

      78KB

    • MD5

      a159cb41fb774addaa90dcd79ad5bdc3

    • SHA1

      a5440ae698758676f7a9cfad55969f898b45e9f2

    • SHA256

      655584d79282fc1d930fefde09cf190ae2e9ff72cab59a828b73f6e86101b316

    • SHA512

      f1ca3b602a01f5f7aecc848bf4519e6e1927fa94d59ad54126ffcbf51e8e66d86093df6612761ab7c17d5ad5c504f15611b01cc6638eb84668c2a3b1d1ff942c

    • SSDEEP

      1536:EPWV5jScdy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQtC6j9/2S1EP:EPWV5jSrn7N041QqhgL9/I

    Score
    10/10
    metamorpherratpersistenceratstealertrojan

    • MetamorpherRAT

      Metamorpherrat is a hacking tool that has been around for a while since 2013.

      trojanratstealermetamorpherrat

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks