Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    2917dc16b304acc9cdffcb0489a6e740N.exe

  • Size

    136KB

  • Sample

    240806-3gg8paxfpe

  • MD5

    2917dc16b304acc9cdffcb0489a6e740

  • SHA1

    23e365b91c95039eb5a0c39fb900511dbde9bb44

  • SHA256

    0dbfcf41ca713c606471a2b7f2130534f6e1e47b9538fcc3ab68c9d84478b2e1

  • SHA512

    3ff426c71568c92886f30bbaffed15405e427d00e5bfce48a8adf93e215f647ab183850fce9d3e16a74ce23303a969cbf15aaa694fb1bd8b01fc78b1085419ec

  • SSDEEP

    3072:kVyo566TegC2lQBV+UdE+rECWp7hKlhpS:kV4gIBV+UdvrEFp7hK/w

Malware Config

Targets

    • Target

      2917dc16b304acc9cdffcb0489a6e740N.exe

    • Size

      136KB

    • MD5

      2917dc16b304acc9cdffcb0489a6e740

    • SHA1

      23e365b91c95039eb5a0c39fb900511dbde9bb44

    • SHA256

      0dbfcf41ca713c606471a2b7f2130534f6e1e47b9538fcc3ab68c9d84478b2e1

    • SHA512

      3ff426c71568c92886f30bbaffed15405e427d00e5bfce48a8adf93e215f647ab183850fce9d3e16a74ce23303a969cbf15aaa694fb1bd8b01fc78b1085419ec

    • SSDEEP

      3072:kVyo566TegC2lQBV+UdE+rECWp7hKlhpS:kV4gIBV+UdvrEFp7hK/w

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks