General

  • Target

    virussign.com_f3aeda2131f029de821d41ca75abf260.vir

  • Size

    3.2MB

  • Sample

    240528-tgj8lscc49

  • MD5

    f3aeda2131f029de821d41ca75abf260

  • SHA1

    a799b97a300bf53f778295c23b60123943d22911

  • SHA256

    e5c9d7ecdd2c71b692845614c41cad947465115b6cd0e231232c00490cd7304e

  • SHA512

    8501e7ff5f396b74d29f5e319c95fee7cb990dbfa8fd386867e0b05f93f5147f5a2e624186bae1f4b77b6d362234c1eb913157640cb5dd7bb8f9b1935d980ee1

  • SSDEEP

    98304:71ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrWA:7bBeSFk0

Malware Config

Targets

    • Target

      virussign.com_f3aeda2131f029de821d41ca75abf260.vir

    • Size

      3.2MB

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      Powershell Invoke Web Request.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks