General

  • Target

    2024-04-27_6d7f2e446deb7ce788688763d51da13d_floxif_mafia

  • Size

    2.5MB

  • Sample

    240427-wn4xpseb91

  • MD5

    6d7f2e446deb7ce788688763d51da13d

  • SHA1

    69477ac2262fd13433b62ddb72699a751bcf658b

  • SHA256

    dfe56bdfda16df337e4d36a692674765b14e51aa8472b8146ebcbc13f11cafaa

  • SHA512

    d0644a5c7678a691e8d908247f86c7757a6aa649f50a69fdb5cfc95355acdd8973a4b95d5986d7744c1d577d4b717d82d13716b91169ff6f251d155e9068313a

  • SSDEEP

    49152:huIIKxofs2hPd2l177BTK2VbDsar1YDjz:hjMfs2hPIl1/s

Score
9/10

Targets

    • Target

      2024-04-27_6d7f2e446deb7ce788688763d51da13d_floxif_mafia

    • UPX dump on OEP (original entry point)

    • Modifies AppInit DLL entries

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
