Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    Abyss.exe

  • Size

    15.9MB

  • Sample

    240712-qcaxlavclk

  • MD5

    0ba5fcce81cf9d8972499c1afae20c80

  • SHA1

    b1d471f3350d70e2825e21904edd8315e642097d

  • SHA256

    311e4cc88e9034bbb5c758f11333e67c72ff0ed8d84557a3205a4d86bedd4e95

  • SHA512

    f41b0f7dc97c609863e747bfb303419a1da03b8b3ce8adf22c74da9132d5d04f4d5fa4bfdf52d90f8a0dcf9d99ae870c5270f9f6b0abe771a7d369300a425f3b

  • SSDEEP

    393216:8mc4gP8AxYDX1+TtIiFGMiP1gZY9Z8D8CclzEJ0oO:834bX71QtIWiP2a8DZcJT

Malware Config

Targets

    • Target

      Abyss.exe

    • Size

      15.9MB

    • MD5

      0ba5fcce81cf9d8972499c1afae20c80

    • SHA1

      b1d471f3350d70e2825e21904edd8315e642097d

    • SHA256

      311e4cc88e9034bbb5c758f11333e67c72ff0ed8d84557a3205a4d86bedd4e95

    • SHA512

      f41b0f7dc97c609863e747bfb303419a1da03b8b3ce8adf22c74da9132d5d04f4d5fa4bfdf52d90f8a0dcf9d99ae870c5270f9f6b0abe771a7d369300a425f3b

    • SSDEEP

      393216:8mc4gP8AxYDX1+TtIiFGMiP1gZY9Z8D8CclzEJ0oO:834bX71QtIWiP2a8DZcJT

    Score
    8/10
    • Command and Scripting Interpreter: PowerShell

      Run Powershell to get system information as a root user.

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks