Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
6cac8963c83bcde572bfe01af4e28076286cbdfc1c3f667b1e1aee09bb99ee49
-
Size
2.5MB
-
Sample
240528-ybqwesad92
-
MD5
698f3f136961b1b22dc43f40dd73b3ee
-
SHA1
857781ee438cca601add716085d74ffd8e82d6ad
-
SHA256
6cac8963c83bcde572bfe01af4e28076286cbdfc1c3f667b1e1aee09bb99ee49
-
SHA512
7b04194b80adea5084e8076e1b54fb0fe1a69e5e10b3736d71e290ed130776b3a65c582439654bad00ba30b7e10fe75d27148152ed10ea236568fdc051bb5cef
-
SSDEEP
49152:rCwsbCANnKXferL7Vwe/Gg0P+WhgtBwd4yn2G:uws2ANnKXOaeOgmhgtBE4yn2G
Malware Config
Targets
-
-
Target
6cac8963c83bcde572bfe01af4e28076286cbdfc1c3f667b1e1aee09bb99ee49
-
Size
2.5MB
-
MD5
698f3f136961b1b22dc43f40dd73b3ee
-
SHA1
857781ee438cca601add716085d74ffd8e82d6ad
-
SHA256
6cac8963c83bcde572bfe01af4e28076286cbdfc1c3f667b1e1aee09bb99ee49
-
SHA512
7b04194b80adea5084e8076e1b54fb0fe1a69e5e10b3736d71e290ed130776b3a65c582439654bad00ba30b7e10fe75d27148152ed10ea236568fdc051bb5cef
-
SSDEEP
49152:rCwsbCANnKXferL7Vwe/Gg0P+WhgtBwd4yn2G:uws2ANnKXOaeOgmhgtBE4yn2G
Score10/10-
Detect PurpleFox Rootkit
Detect PurpleFox Rootkit.
-
Gh0st RAT payload
-
Gh0strat
Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
-
PurpleFox
PurpleFox is an exploit kit used to distribute other malware families and first seen in 2018.
-
Drops file in Drivers directory
-
Sets DLL path for service in the registry
-
Sets service image path in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Drops file in System32 directory
-