General

  • Target

    2024-09-04_11a07ae5b1c0322d338b600969f36d0f_magniber_metamorfo

  • Size

    4.8MB

  • Sample

    240904-xfajkavcpq

  • MD5

    11a07ae5b1c0322d338b600969f36d0f

  • SHA1

    0b51fabe8a2bfff2dcbd13d4b0af7737c926e51f

  • SHA256

    f67c9eb3930de4c767f522915503ce71ea4dbf02a003f5d44d1261d5c0db8f0e

  • SHA512

    09268b1506524b10b02136bde864a66b93e44bb254179f2c6e3d5b792ba71decbd2f6c899682e88b6144193c8952dad8d9e308a7c016d2d28310a48776d3f56b

  • SSDEEP

    98304:+7IyvTgqJ/BZXxkIjPG1f5ehM/Cw/khc5FbKEQ26PVR7m6gZ1MRGNCyI5AxV300e:4bg6BZBkIAhehM/Cw/khc5FbKEV6PVRz

Malware Config

Targets

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks