General

  • Target

    8a1b4faca53cf75f122cf1fb4b6782256658830421d3ae40c994e099f77fa112

  • Size

    502KB

  • Sample

    240925-3pl7lsxejh

  • MD5

    830cc6eb70b646491bd9d2816aa1408d

  • SHA1

    3410447b6c4360b8ffcba108e801e204595fa73c

  • SHA256

    8a1b4faca53cf75f122cf1fb4b6782256658830421d3ae40c994e099f77fa112

  • SHA512

    0234af5061c84a28a8ab92030432da4e3f3cd36e6fa5c9019b6a9cd7ce3d468f856a4a026b344bf2974dc040e33222e9c1cf5bebf74641fab0bab384049a9ae2

  • SSDEEP

    12288:V0JQa6C1hAnDs4ZClh0m9NjgWGk/uXbsBjvrEH7B:V0Z6CXAn9o0m95gWGHGrEH7B

Targets

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
