General

  • Target

    Goblin_Temp_W00fer_free_version.rar

  • Size

    372KB

  • Sample

    240620-vzc3payfrb

  • MD5

    782222557c780bf3dd5ffe2b9a3756ba

  • SHA1

    0f1287ac053d74dfbf6014dba5f02b5d858cab31

  • SHA256

    29baa408662e7783695fb007d84f3b192daed4fca403215ddc4edeaaa14dbcc4

  • SHA512

    e70ed97b6ef79f52ba571b8f90354bc6c7f6d8263e57e532feb2fc58043d19530ef9cf2b2780cb086d92ccfd28e4f8201f2e127b245f91d58d7d090029af3620

  • SSDEEP

    6144:HhnmkEc74AVejdmsXKmeLF0Um/Wh5ZMjd2bn39LTwASp:9fVeRX4g/uMRmJTwASp

Malware Config

Targets

    • Target

      Goblin.exe

    • Size

      704KB

    • MD5

      a0eecf9df2066fee2a579a4722cb0aba

    • SHA1

      8955ef7bc4bfebd994ec4aaba4fc2d4ae4cdd8aa

    • SHA256

      ca976293e8f616b417dbaaf62831cfb8ea41b0ba25ef652c1696b164231e8b0b

    • SHA512

      4ba533085798a01966efbcb8f158d01526ac1da75bd0c41facbc889c97cf9d819fd6e09100689d8fbceb9073f5af8e2a423e45a563f9ca36aace79a5b8c34275

    • SSDEEP

      12288:TuWtlv0SfIHNjodPGcfjsP1L28DZbM0SeYe738+BC8:TugV0+IFo17sP1L9VbIfe73pC8

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Modifies system executable filetype association

MITRE ATT&CK Enterprise v15

Tasks