General

  • Target

    a38e14185e6c9b429df021bb56358596

  • Size

    375KB

  • Sample

    240225-mkdrnshf35

  • MD5

    a38e14185e6c9b429df021bb56358596

  • SHA1

    4f97e20980bb38cb50ecdfbf45fd6d164422f1e6

  • SHA256

    dc5c22ee0782235867ae0363443252f867d0bae4056cd70dff77bf936abccb5d

  • SHA512

    bb44ade442130326540c3eeec0cc4319f1e0ff4001d906dc39b665b7268d4cc2b3ad084cc492e2224dd8c823147707b36ed050668699117886e8b22470644b3b

  • SSDEEP

    6144:S7Ev42gAjjXcNK8AlQeV8ppGS2GR2q8QCk9rOCelRfbHhgtwfeH4bkQe0VO76G0:hvXgAvsNl/eV8pcSt2HQCkElRftgtwai

Score
10/10

Malware Config

Targets

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks