General

  • Target: 94a0a69a771e1a869c76ce556a1d10068a916d59.zip
  • Size: 61.4MB
  • Sample: 240830-vs55wsvgne
  • MD5: d94be3b5cfe327f3fcca6ab819807555
  • SHA1: 94a0a69a771e1a869c76ce556a1d10068a916d59
  • SHA256: 67edf175321f92df454c58fc64babaf1905a2843b0fe7105a3d5c6146c0e9898
  • SHA512: 66d343c9b1dfeabf995927f83bdb44afc0ca573b7cdd3d2d289d69b46fbaafb7a7fdd147b144324f0aebc3fb32fdc6c23198b262d0956c673ab6ee19c728d887
  • SSDEEP: 1572864:gPVCf6uuQ9TRMlomJuhtkv/Tjyu9DyAH2DGpfx0:CVCf5uQdulomo8v/fn92/DMfG

Malware Config

Extracted

  • Rule: Java Network Launch Protocol (JNLP)
  • C2: $$codebase/$$codebasesuit.jnlp?whitelabel=$$whitelabel

Extracted

  • Family: wikiloader
  • C2:
    https://carniceriamartinezadria.com/wp-content/themes/twentytwentyfour/rleoec.php?id=1
    https://jlholgado.com/wp-content/themes/twentytwentyfour/zca2ck.php?id=1
    https://elpgtextil.com/wp-content/themes/twentytwentyfour/44snwx.php?id=1
    https://arbeitsschutz-mmk.de/plugins/search/contacts/chrndi.php?id=1

Targets

  • Target: GlobalProtect64/GlobalProtect64.exe
  • Size: 359KB
  • MD5: 0ff2ca0c7b5c6e167d52cba95f00eec9
  • SHA1: bfaa5eea2b921b7a0b801bda00f69196c213b880
  • SHA256: bd8016b895b404f43e1d6614b564927385d74534cef319c0ea5236dd9ed00b2f
  • SHA512: 1630b14ba53d96369002d78e9f390119781203049a19d7d3e8002bb0103c1b91c746b73b80f9d7ffd1ec7c6caf66eb8f5c2df2d2d801c953941db3be0330273e
  • SSDEEP: 6144:J12UdfHkDSdefEvAxa1snobprfkj3d5Qz1zAyN0Pf2+kqE:T24V4Va2noNE3UzfQkqE
  • Wikiloader: Wikiloader is a loader and backdoor written in C++.
  • Suspicious use of NtCreateThreadExHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks