General

  • Target

    c6a1f184673ca5feb2736b3118bcb6ca6ae8df6b8600abb6579df0fca83bdfb8

  • Size

    78KB

  • Sample

    240724-ddn5dsthqq

  • MD5

    9d797a1044fe51eac1ef33b2ff4fc011

  • SHA1

    8b83c7bfdcd4b7ab6bcf9bf7851b35dee476e68d

  • SHA256

    c6a1f184673ca5feb2736b3118bcb6ca6ae8df6b8600abb6579df0fca83bdfb8

  • SHA512

    008a3c5425b53001455255bf0cfd420e7eda02441f1d5be022980cfc3a20831a4b349b02389a6ab1e683a3efb238cff4ddc17b2dc89973565b8d7f1df8d8a784

  • SSDEEP

    1536:vhHY6uaJtZAlGmWw644txVILJtcfJuovFdPKmNqOqD70Gou2P2oYe9QtW9/a1FaF:5HYI3ZAtWDDILJLovbicqOq3o+nW9/xF

Malware Config

Targets

    • Target

      c6a1f184673ca5feb2736b3118bcb6ca6ae8df6b8600abb6579df0fca83bdfb8

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
