General

  • Target

    81ae840bcd3f9a123da17ac3532501a0N.exe

  • Size

    1.8MB

  • Sample

    240807-hwf9qaxdnb

  • MD5

    81ae840bcd3f9a123da17ac3532501a0

  • SHA1

    b585c069f12f52729747125e7de68db0bc0aae26

  • SHA256

    7b718f37848a5eb12747846f9532e1c4d62f0a7071b6408fdee1d1cf0cfccffd

  • SHA512

    4bc34db7aa987fbf8b52fe921c963b325de674887c2bbfd18523c4ce3f855cac2583630d982c045bfea2fbc4a40a5e574f800df5112c5e29334b8882a54d44da

  • SSDEEP

    49152:Lz071uv4BPMkibTIA5sf6r+WVc2HhG82S5k7hzDv:NABP

Targets

    • Target

      81ae840bcd3f9a123da17ac3532501a0N.exe

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Command and Scripting Interpreter: PowerShell

      PowerShell Invoke Web Request.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
