Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    Xayre.Fix.exe

  • Size

    16.6MB

  • Sample

    240310-scd1csfa9z

  • MD5

    b42a6a71d009a1e9319c1eb75c92b0c6

  • SHA1

    ebe64c51bab9d60e73a62a11bd82c29eee7c7170

  • SHA256

    fe070b5e8685bbb2abf7b343e454ebdebf493e8bbc8c597f67abfb704eca155e

  • SHA512

    e58e6813fa73bdf38d61e6cafb9314f5f405a8e11453e0e70ba4c7d6616f489818619b8f4618e37d98339fe362181ed7bf50ca424f441094f8a1f053c9e4dbc1

  • SSDEEP

    393216:fFAlntYXaPiZ1a56gOshouIkP9tRL54+58jIoCv422I:6ltYXaPivacBwouZtRL2qwt2

Score
7/10

Malware Config

Targets

    • Target

      Xayre.Fix.exe

    • Size

      16.6MB

    • MD5

      b42a6a71d009a1e9319c1eb75c92b0c6

    • SHA1

      ebe64c51bab9d60e73a62a11bd82c29eee7c7170

    • SHA256

      fe070b5e8685bbb2abf7b343e454ebdebf493e8bbc8c597f67abfb704eca155e

    • SHA512

      e58e6813fa73bdf38d61e6cafb9314f5f405a8e11453e0e70ba4c7d6616f489818619b8f4618e37d98339fe362181ed7bf50ca424f441094f8a1f053c9e4dbc1

    • SSDEEP

      393216:fFAlntYXaPiZ1a56gOshouIkP9tRL54+58jIoCv422I:6ltYXaPivacBwouZtRL2qwt2

    Score
    7/10
    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks