General

  • Target

    MCPTool-win64.msi

  • Size

    26.0MB

  • Sample

    240709-ly893azgrd

  • MD5

    7a51a2e60c9110caa91ec11f4115183a

  • SHA1

    786d3b17e8ff22e1c1e440064b72f783f3f0a468

  • SHA256

    66dd6fbbaeab246e515e98adac348399cda4256fec76ab19e192dad5fb985cd3

  • SHA512

    83aaa50865f4c6cd7af8ce26c8e1edeaedbe81c04508d826c4480ea4ecad30267a313fab71785b35687eca3c5cb997b415603b536872769820339d217eae8628

  • SSDEEP

    786432:1M98Ys1GkC28SnAkKlFerRpnCM+Icmsxj8z2:1MGY4rkyCM+IcmsR8

Malware Config

Targets

    • Target

      MCPTool-win64.msi

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks