General

  • Target

    8c3d9929e7ecc1fc8437882cee4fa740N.exe

  • Size

    1.6MB

  • Sample

    240719-nj99xsydnj

  • MD5

    8c3d9929e7ecc1fc8437882cee4fa740

  • SHA1

    7db406b14522009e9c552472c49c78d4817fb577

  • SHA256

    7ae736a812292256971e8f2e35c24151c383968516538fa7a9e67e752f948e06

  • SHA512

    cb77195ad9c6cb6f2d535a5bbbce049e4a1b1a453f41809606cabec4484fb8ec861f34cb090114de9225b1035bb1c6c5783ae69699544a0cc59d5709930f65fb

  • SSDEEP

    24576:zv3/fTLF671TilQFG4P5PMkyW1HU/ek5Qk7SW7r+kQQ7dXQARBa5eJ/CtAcS2o5:Lz071uv4BPMkyW10/wKV7hjSe5CtAl5

Targets

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      PowerShell Invoke-WebRequest.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Legitimate hosting services abused for malware hosting/C2
