General

  • Target

    GoogleChorme.msi.vir

  • Size

    31.3MB

  • Sample

    240823-rrrpbssajr

  • MD5

    46c0158715bf937ebbbd3f0f4160df53

  • SHA1

    4025bb5c7dab4c20f43e27ef59fb7b0d59f20b5e

  • SHA256

    03f9c6613c68094f94d2099b0f5b61afb7e308d70a19b3bc26a2c4d9a65a33f0

  • SHA512

    13a7e0d01d3a79fdd309a447ad130fe3597737dc001ed816f6541f60079b4ee6f36b4d7842fa8672eca94b693925baab6ddb8f84839ad5bf7f0eea3e72f18357

  • SSDEEP

    786432:NOGXRTW9sglw5UbThI9/tCSRwWpe4jbdQ6nF7z:NRaRw5UbdMFKcjbdQCd

Targets

    • Target

      GoogleChorme.msi.vir

    • Size

      31.3MB

    • Adds Run key to start application

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Suspicious use of SetThreadContext
