
General

  • Target: popepe.zip
  • Size: 30.2MB
  • Sample: 240701-qlqdmstemc
  • MD5: c667e8fb82f2e7a4f0590f2448f50a5f
  • SHA1: a8e1900cadefe6f297880ceec1a9c0caf4e5fb14
  • SHA256: 460e89b89994f0279284eb1ddb2badf66a7d05abcfe13cf1f2674deb3f08dfa6
  • SHA512: 0f272c08114cfb0fe666ada799c857bac8ddd7788207424efdc24eb00395621ebaa2d6e42f91e7ea3c5ac552d6890db9dfb87e0cf2593b1ec553f33523ca8b5c
  • SSDEEP: 786432:ATe/Wuc3sXxDLjPnF6JvZm9HQ9p2IkkTTsBAnz5uhaJP/1Jo21:pxcCDl+vZv9YBkToy1uhaF/jo21

Malware Config

Targets

    • Target: popepe.zip
    • Size: 30.2MB
    • MD5: c667e8fb82f2e7a4f0590f2448f50a5f
    • SHA1: a8e1900cadefe6f297880ceec1a9c0caf4e5fb14
    • SHA256: 460e89b89994f0279284eb1ddb2badf66a7d05abcfe13cf1f2674deb3f08dfa6
    • SHA512: 0f272c08114cfb0fe666ada799c857bac8ddd7788207424efdc24eb00395621ebaa2d6e42f91e7ea3c5ac552d6890db9dfb87e0cf2593b1ec553f33523ca8b5c
    • SSDEEP: 786432:ATe/Wuc3sXxDLjPnF6JvZm9HQ9p2IkkTTsBAnz5uhaJP/1Jo21:pxcCDl+vZv9YBkToy1uhaF/jo21

    • Downloads MZ/PE file

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Executes dropped EXE

    • Loads dropped DLL

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Suspicious use of SetThreadContext

    • Target: niplnk.rar
    • Size: 30.2MB
    • MD5: 6d0dd8a949147d97b2204c8bac2110ca
    • SHA1: 734eee92faec856a56f7e9f3c5add0019770be54
    • SHA256: da2dff46917501495e53a05ece965a25d2e4b70d120346caec19a7789a1e196f
    • SHA512: ee82c006e92f717a4d014bf9c559f51c41e5f471634f56a3e943c5c5b427739e2d4966bfeb718367bb6928ca2fc4c4b0af661b11423dd983cae63c49a9828374
    • SSDEEP: 786432:VTe/Wuc3sXxDLjPnF6JvZm9HQ9p2IkkTTsBAnz5uhaJP/1Jo25:kxcCDl+vZv9YBkToy1uhaF/jo25

    Score: 3/10

MITRE ATT&CK Enterprise v15

Tasks