General

  • Target

    063fdb320a5e8b9fb9f237f1000eabd15dc8c702430c19df8bdb764818d61a62

  • Size

    1.3MB

  • Sample

    240705-wz59xavgmc

  • MD5

    196bf823971f1470f230d96342aa53ec

  • SHA1

    94e266a4b5bd10f5d74e61fb859eeb5338bfd879

  • SHA256

    063fdb320a5e8b9fb9f237f1000eabd15dc8c702430c19df8bdb764818d61a62

  • SHA512

    b72f73466bd31299a04710f58a7cbd9e01cbbb64297ad2ded86f248814898389de5e97aa59fe5c0936a1c41895e64e1a458576bb31f4de08e2fa5ce70bb84c88

  • SSDEEP

    24576:xorhrGbk0PpCcnCKZthzuSWTAEn/RgaT2NX8nYRZR21omrEH7o:acbwKtjWTADaOKYRZQZ

Malware Config

Targets

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • ACProtect 1.3x - 1.4x DLL software

      Detects files protected with the ACProtect software protector.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

MITRE ATT&CK Enterprise v15

Tasks