Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
Orbit Executor_38541207.exe
-
Size
9.5MB
-
Sample
240903-wcqkyasdkn
-
MD5
7c6ee11bb51836c324084fcc3c6e2445
-
SHA1
98a55adddca774d5e402bea0bbdf8054332975ef
-
SHA256
cefe4e9c6fe234191788d51417bf9de9fb3a65078c6c4ad82918e35f70f415e3
-
SHA512
f0adbe141fba42b56cf4594de8fee80d69da95478a8abb05d39dae345c735953e8c8927a34ea34bc5dfb039a65719059c1089dbc503761bb3dfb2ec679dbce24
-
SSDEEP
196608:aK0MPGCiZt9cKOrqNRxmQ3bKfIiaNPFHNRsiKS:J/Ph0SrqNRxL3bIIiEHMnS
Malware Config
Targets
-
-
Target
Orbit Executor_38541207.exe
-
Size
9.5MB
-
MD5
7c6ee11bb51836c324084fcc3c6e2445
-
SHA1
98a55adddca774d5e402bea0bbdf8054332975ef
-
SHA256
cefe4e9c6fe234191788d51417bf9de9fb3a65078c6c4ad82918e35f70f415e3
-
SHA512
f0adbe141fba42b56cf4594de8fee80d69da95478a8abb05d39dae345c735953e8c8927a34ea34bc5dfb039a65719059c1089dbc503761bb3dfb2ec679dbce24
-
SSDEEP
196608:aK0MPGCiZt9cKOrqNRxmQ3bKfIiaNPFHNRsiKS:J/Ph0SrqNRxL3bIIiEHMnS
Score6/10-
Checks for any installed AV software in registry
-
Downloads MZ/PE file
-
Legitimate hosting services abused for malware hosting/C2
-
Network Share Discovery
Attempt to gather information on host network.
-
Enumerates processes with tasklist
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Modify Registry
1Subvert Trust Controls
1Install Root Certificate
1Discovery
Network Share Discovery
1Process Discovery
1Query Registry
4Software Discovery
1Security Software Discovery
1System Information Discovery
3System Location Discovery
1System Language Discovery
1System Network Configuration Discovery
1Internet Connection Discovery
1