General

  • Target

    b7e955b408896bd111883b2797b5206d

  • Size

    78KB

  • Sample

    240306-vg9nyadh2t

  • MD5

    b7e955b408896bd111883b2797b5206d

  • SHA1

    fd564fe92e456cd0777b8f6468a4cee8499c313d

  • SHA256

    b77ffa2d207284169106d837b65f41fae1fc40335d6d561f16a519507b819fcc

  • SHA512

    461b0bc42f32123fc0bf08cd008985ea9a760588daf00db5a225667baf7e9f38d5d69918f0cf639f218f6b7ab20fae27919392d8cd50f745f78e98deb886c9d8

  • SSDEEP

    1536:APWtHY6JJteVdv5wyFppaVs+aYTCgtWzYXxxiMrBnP5oYZNQtT9/21Lp:APWtHYO3e/vqyA11XYUBxprBPjcT9/y

Targets

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
