Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    GSAutoClicker.exe

  • Size

    846KB

  • Sample

    240628-tmqbtawdqg

  • MD5

    6862f65be14fd3ce88086ec79777db6e

  • SHA1

    7f0eb7535b59a926446a400ff93f48165b58ac95

  • SHA256

    7c90795c9b28fac978386626f5a54033dc9cba46ef6a3f742fc7d52b394590f2

  • SHA512

    d04700ca41bd2076ecb7b9028ba16738de479b3113efea0c86613f354e977f9b4dff6dbd8c06fcc4536be0585cff7f0e2636a2a6789373efad7788a7559bab04

  • SSDEEP

    12288:saWzgMg7v3qnCibErQohh0F4zCJ8lnywQ8S8Xe74050MOm:TaHMv6Cbrj/nywQ8Sfs+7

Score
6/10

Malware Config

Targets

    • Target

      GSAutoClicker.exe

    • Size

      846KB

    • MD5

      6862f65be14fd3ce88086ec79777db6e

    • SHA1

      7f0eb7535b59a926446a400ff93f48165b58ac95

    • SHA256

      7c90795c9b28fac978386626f5a54033dc9cba46ef6a3f742fc7d52b394590f2

    • SHA512

      d04700ca41bd2076ecb7b9028ba16738de479b3113efea0c86613f354e977f9b4dff6dbd8c06fcc4536be0585cff7f0e2636a2a6789373efad7788a7559bab04

    • SSDEEP

      12288:saWzgMg7v3qnCibErQohh0F4zCJ8lnywQ8S8Xe74050MOm:TaHMv6Cbrj/nywQ8Sfs+7

    Score
    6/10
    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks