Resubmissions

06/04/2024, 13:56

240406-q8r6rabg71 8

06/04/2024, 13:15

240406-qhknzsbb4x 8

General

  • Target

    CyberVault_Win.exe

  • Size

    73.8MB

  • Sample

    240406-q8r6rabg71

  • MD5

    ae7bfe884ebf40257bb7387e07889a94

  • SHA1

    d4abc58448715b4adfe02b40f578006417891566

  • SHA256

    618914d6a71a4b13e63360dab8a1eb08b61ac9cf2f991d4a68c95f0baee10bf0

  • SHA512

    411677b9fda7148adf4344a2d0955698df4ef4909976c1529849ebfc5225d6a79ef73190d39f4ebe012207ebfec593ad3c7b697442c90c8c8eb23c2ed5e2e27a

  • SSDEEP

    1572864:k8HhipuuP0h5JnMLPrOfKLpLXVVwPyzcPl0IgumEMkwT3ksb9:zBnuP0hnnM+fEpLXQaylzKkw19

Malware Config

Targets

    • Target

      CyberVault_Win.exe

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
