General

  • Target

    PLHybrid.rar

  • Size

    27.0MB

  • Sample

    240921-rtspeawhmb

  • MD5

    e1a0988363906b66e1e71de1e5be7927

  • SHA1

    86a09abfdf003af788e16164196233084de506dd

  • SHA256

    c65bb019b27ce608df2aa415c0cb32cecf7d3297b84f232301b426e2fa98dbe7

  • SHA512

    492dd4acd379ccc41b2c2261e275bae4fbb8a4e845fabd7a7984a01e0d6031ae8addc760af8b87f5caa7fe026068dfabaff2b8b082e028da1fe656f06fe30450

  • SSDEEP

    786432:QqmSP8+Vf2iN0asitn6WtP+CL6sXZZFLRs98rMxRH6rzE:QqnFf2S0NWtPWgLwCM33

Score
7/10

Malware Config

Targets

    • Target

      PLHybrid/PLHybrid/PLHybrid.exe

    • Size

      27.1MB

    • MD5

      a51b6a6481af98ff4746cffad95975f3

    • SHA1

      4de062d5539541287495ccdf5e36e4c4883569cc

    • SHA256

      4285ac6bbd4001b9c3f716ddf06b173f9a32a5e897f694e4374407e009be86d3

    • SHA512

      93d9703d3817ad58b4f308b2ecced197dd016924c23157faa5837ae35e721030be1cf993fdff173c9aae1b4b1dde362f5a534eea6f6dcae43e3e93b0fe701ec1

    • SSDEEP

      786432:qCmwTPZ6Ihu64lNpRI/bRseECP/xob6TQtVLwvJ/jksKm:GGP4X6qpm1seHHxottVgJ77Km

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Target

      PLHybrid/PLHybrid/SetupPL.exe

    • Size

      19KB

    • MD5

      7736ba935ee07706ab86ffd37127dd3c

    • SHA1

      8106fdf9b24d382de52c1030e86597aff57c0288

    • SHA256

      78be7f951a20b676529805aec38cc151b250862fc823fb9f50fa3f68f3ae8fc5

    • SHA512

      e5587b52619de1f32c55e0045e2d0f6306e67aa2858a104a698be8b51b721040df1aa5b374793e8499f841f8afa4d6ca3fe716fd28342bda7edad07efe0be2cd

    • SSDEEP

      192:VE5+KytpzgH4zZZE8RcNRj26q1Lekr/VckBTR0RZwJT3plhpsfhAsAVYsQ5Xfccw:VCytpzgH4zL5uv+vxBt0R6TfhebsnGY

    Score
    3/10
