General

  • Target

    be3bc2ae872684835c4cfcee57a1c470N.exe

  • Size

    890KB

  • Sample

    240715-lt2peszgmr

  • MD5

    be3bc2ae872684835c4cfcee57a1c470

  • SHA1

    0c325daf6ac593f926d289ebe2e7697c93b1e09c

  • SHA256

    4c20c5b7670b15797871e8fcf4e50bdb482e6b9babd71912b3d8dd8f68605d87

  • SHA512

    47bb3ea41498caabefd2fbfae5e4cbb82a541ab64665d742f2bc93ab44880d36ad23cd16e19d49426da81f377bcc80280d1d4a4c094714e8679e2421072e1ab9

  • SSDEEP

    24576:zv3/fTLF671TilQFG4P5PMkyW1HU/wcXli4:Lz071uv4BPMkyW10/9

Targets

    • Target

      be3bc2ae872684835c4cfcee57a1c470N.exe

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Command and Scripting Interpreter: PowerShell

      PowerShell Invoke Web Request.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
