General

  • Target

    6ed1f348fc4e30067fbf3430d938e1a0N.exe

  • Size

    1.1MB

  • Sample

    240819-pjc5vsxbmn

  • MD5

    6ed1f348fc4e30067fbf3430d938e1a0

  • SHA1

    8672c9fd18f1f961743ffc393c31e208b718a464

  • SHA256

    3c4f09f050cd08b3538ea6bd0a2a0a543bab2c58b299b214a9c3161d7c53a537

  • SHA512

    bd8264f5374441901e8206a351b10e3c90a1fa3a1702c90317da2d741979e8e56524759ba0fe19d848a087fe68dd792f04aec23568cc3c1cb60d97c9c45b5ebc

  • SSDEEP

    24576:Pq5TfcdHj4fmbA2qx0MmV0VMXR9mOphGkDKTeOffsGiE:PUTsamUxzOzrOffL

Targets

    • RevengeRAT

      Remote-access trojan with a wide range of capabilities.

    • RevengeRat Executable

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.
