General

  • Target

    337271e88113365bbe1dec42d11bff965649a190835cb44cdf8eed10451c6ab3

  • Size

    4.1MB

  • Sample

    240327-1yxzcsga5z

  • MD5

    736c06a9e18f2c622a4fddf636f61b2a

  • SHA1

    a46b7beb104f0f3f89744bacfbd74785a878ae75

  • SHA256

    337271e88113365bbe1dec42d11bff965649a190835cb44cdf8eed10451c6ab3

  • SHA512

    aeb651c1342668f22411f71f4cd791ace1ecf45a642343c8c9f7ed51cf9d6e754edca9b7291f666c5aa65886536cd0d7d3c54893f08a2659113d449c315cde3d

  • SSDEEP

    98304:h7zJ39IX2U7X1+K7Ux/HsIRAXi7v0sWM34I+aATyCWf/EKmgc/mKdOC:Vl9IX2QX1hUiXi7fN/+aAOfilcC

Targets

    • Target

      337271e88113365bbe1dec42d11bff965649a190835cb44cdf8eed10451c6ab3

    • Glupteba

      Glupteba is a modular loader written in Golang with various components.

    • Glupteba payload

    • Modifies Windows Firewall

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Manipulates WinMonFS driver.

      Rootkits write to WinMonFS to hide directories/files from being detected.

    • Drops file in System32 directory
