General

  • Target

    2024092910a28604b483ba7d01d5513d10ee50a4floxificedid

  • Size

    392KB

  • Sample

    240930-jlg9psxhrd

  • MD5

    10a28604b483ba7d01d5513d10ee50a4

  • SHA1

    317cc69da0bc9d5cb90507d14faf92ecf9a3d65c

  • SHA256

    ed84f99cb5d6e5e343711479801b2f3d62a921b55524508b08d7a902e73d5ad9

  • SHA512

    4e4ce51a4bb398d8fd5cf02015e642145be5e1d8406f3a04a1878aa57f4f780595ed2b70ea1bfe4e3d8fb85ecc66983233ff81b78b3bec14e92d20810912f926

  • SSDEEP

    6144:4GPEveLf5Rfb9puSt/jbO/4MvJZju0WBD3HGzBV+UdvrEFp7hKxA8g/:4pAf5Rfb9Z9O/pviBmBjvrEH7z8w

Malware Config

Targets

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks