General

  • Target

    c2766ab84447a67d41077212a98859cbd6d0edcb722b5b6ea9de1cf4b975bc8d

  • Size

    4.1MB

  • Sample

    240518-1qvh9saa94

  • MD5

    730c608ce62f373e03954e39aed8efa7

  • SHA1

    207aa1e4503fdad62ebcf66cdda3760c32bd5366

  • SHA256

    c2766ab84447a67d41077212a98859cbd6d0edcb722b5b6ea9de1cf4b975bc8d

  • SHA512

    839a64b07d237228946675ede3d154fc4607c04215cc76697ff2693ed04d0412b7d8f74292fcd8ed6dc1364c8bb344dbd9a96e19edb401847143ec325a96d118

  • SSDEEP

    98304:psVQ+hudF4keJeyEqK0evsENr9r54Wa5Cc1nHXivY:ps5hioeyE6OsERj43nv

Malware Config

Targets

    • Glupteba

      Glupteba is a modular loader written in Golang with various components.

    • Glupteba payload

    • Modifies Windows Firewall

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks