Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
9f61a3757f737404c25a2837ddd1ff6c14dfe394127c8a94c5c10f00dfa34811
-
Size
4.6MB
-
Sample
240405-et7r4scd79
-
MD5
3dfe6ff32db8cd1e7f6b2fba4c308836
-
SHA1
a609b1de628998746bd1f33616f2a3324764fb52
-
SHA256
9f61a3757f737404c25a2837ddd1ff6c14dfe394127c8a94c5c10f00dfa34811
-
SHA512
fa169e2f01ef3f970c1b79ced8f5040117e9dff32ff4f55c13681cf468fb020bac9b2c59d426f2e97f170fd95cfdb3704346dbc0ba75925658acd0c6d72609f2
-
SSDEEP
98304:iws2ANnKXOaeOgmh707KZxDnDCa+WlcelG07E2MLM:4KXbeO7a2v5zyelw2M
Malware Config
Targets
-
-
Target
9f61a3757f737404c25a2837ddd1ff6c14dfe394127c8a94c5c10f00dfa34811
-
Size
4.6MB
-
MD5
3dfe6ff32db8cd1e7f6b2fba4c308836
-
SHA1
a609b1de628998746bd1f33616f2a3324764fb52
-
SHA256
9f61a3757f737404c25a2837ddd1ff6c14dfe394127c8a94c5c10f00dfa34811
-
SHA512
fa169e2f01ef3f970c1b79ced8f5040117e9dff32ff4f55c13681cf468fb020bac9b2c59d426f2e97f170fd95cfdb3704346dbc0ba75925658acd0c6d72609f2
-
SSDEEP
98304:iws2ANnKXOaeOgmh707KZxDnDCa+WlcelG07E2MLM:4KXbeO7a2v5zyelw2M
Score10/10-
Detect PurpleFox Rootkit
Detect PurpleFox Rootkit.
-
Gh0st RAT payload
-
Gh0strat
Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
-
PurpleFox
PurpleFox is an exploit kit used to distribute other malware families and first seen in 2018.
-
Drops file in Drivers directory
-
Sets DLL path for service in the registry
-
Sets service image path in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Drops file in System32 directory
-