Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
bcc8f86ef4ffafa186ce6fafcb1684da8e99205709e2766fdf6e9205994fc910
-
Size
2.4MB
-
Sample
240627-2mlmmavhmd
-
MD5
f8f76bcf92d471334e77f891c17fba64
-
SHA1
360ec16bba09b03ca65c00382849ebea4aeb62d3
-
SHA256
bcc8f86ef4ffafa186ce6fafcb1684da8e99205709e2766fdf6e9205994fc910
-
SHA512
70b00d97d0dacfe25ba0430172e40d6534118ff0f48d73731eaae4e1041778af7b49153df7c4e3eb1e5bb13c37635568bf6ef1ab88d317d66129fb72ac623504
-
SSDEEP
49152:/qvqHgWVpi0bnnVgQXDifMQ64bB5mGwFZyXD0hL5THoea:/aqHtVM2iQXtQjZAhJa
Malware Config
Targets
-
-
Target
bcc8f86ef4ffafa186ce6fafcb1684da8e99205709e2766fdf6e9205994fc910
-
Size
2.4MB
-
MD5
f8f76bcf92d471334e77f891c17fba64
-
SHA1
360ec16bba09b03ca65c00382849ebea4aeb62d3
-
SHA256
bcc8f86ef4ffafa186ce6fafcb1684da8e99205709e2766fdf6e9205994fc910
-
SHA512
70b00d97d0dacfe25ba0430172e40d6534118ff0f48d73731eaae4e1041778af7b49153df7c4e3eb1e5bb13c37635568bf6ef1ab88d317d66129fb72ac623504
-
SSDEEP
49152:/qvqHgWVpi0bnnVgQXDifMQ64bB5mGwFZyXD0hL5THoea:/aqHtVM2iQXtQjZAhJa
Score10/10-
Detect PurpleFox Rootkit
Detect PurpleFox Rootkit.
-
Gh0st RAT payload
-
Gh0strat
Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
-
PurpleFox
PurpleFox is an exploit kit used to distribute other malware families and first seen in 2018.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-