General

  • Target

    nigger.rar

  • Size

    7.8MB

  • Sample

    241012-25g26a1arq

  • MD5

    f84dcf3e1e37765e2a17b92f6ea2be08

  • SHA1

    8f0486c45bd92530efbcbe7c470df0e242a224d4

  • SHA256

    975a3f80c603be02363042159fc630fc58cd303c1f8cda3f18d4e44783cd47d1

  • SHA512

    2a9f2ea715343fb577bd35da754db04d9e1e275866bcf4e3d17c035199ecdac1401a993991af497aa6102755c511028d4940a6ae348e3773d364fc1ecc3a0335

  • SSDEEP

    196608:e7yYhyaGYmitsJ/bdtha2T+eUIn6+QK5yozcGwgw0uyp:e7KDYwXIjF+5lXU0

  • Score

    6/10

Targets

    • Target

      BouncyCastle.Cryptography.dll

    • Size

      6.5MB

    • MD5

      569d36975315143faa1c72b12090dfff

    • SHA1

      3f56bc9b78f64e9a0202955d8aca5cb07f07e06f

    • SHA256

      aec227154fc549739ff5a07920723641f773ce65d05dca70b215183c93e9641d

    • SHA512

      b20a4ab3f0efb65465cfb3f7ba6432bacdae2066c2eef4fa3f9b90a96ee5f9d4618ec3786f6c798f1552a89e7036d336e3fe0cf6f0986bcdf5b9e3879e60921b

    • SSDEEP

      98304:DEQWfdkCgJOnpVp1lFer1mLLaCaunWf9ZEX4Ghp+A3NEo2O0xDe1BvuqgoRVIVCB:QfdkCHzufMX4Gbce1Juq1YCnUAP6fV4

    • Score

      1/10

    • Target

      Guna.UI2.dll

    • Size

      2.1MB

    • MD5

      c19e9e6a4bc1b668d19505a0437e7f7e

    • SHA1

      73be712aef4baa6e9dabfc237b5c039f62a847fa

    • SHA256

      9ac8b65e5c13292a8e564187c1e7446adc4230228b669383bd7b07035ab99a82

    • SHA512

      b6cd0af436459f35a97db2d928120c53d3691533b01e4f0e8b382f2bd81d9a9a2c57e5e2aa6ade9d6a1746d5c4b2ef6c88d3a0cf519424b34445d0d30aab61de

    • SSDEEP

      49152:6QNztBO2+VN7N3HtnPhx70ZO4+CPXOn5PThDH2TBeHjvjiBckYf+Yh/FJ3:6Ahck2z

    • Score

      1/10

    • Target

      HtmlAgilityPack.dll

    • Size

      167KB

    • MD5

      f3ed692636aa3dbde89f4ae22f5c9efb

    • SHA1

      320041117ff2fbc5e2966c7142a8f6b5c023ef8b

    • SHA256

      0e8f209cb150b97b99f4788a1a1366eac3d5d3d028dedf7179c8c19d12aab84f

    • SHA512

      a9b9ea43ec3958b7b590b3490b8a4304d48467428b47f541179b12d081d2db67671dadfaa93bde4dcfb6fa4869de6bf94d93e436370b8ddb155436496bc0f9ee

    • SSDEEP

      3072:w5jLyrlbn3NuZVyGKjBLquLJyrdo35YMFDZerN+wF8LE:XduZY9JyJopYJo

    • Score

      1/10

    • Target

      Newtonsoft.Json.dll

    • Size

      695KB

    • MD5

      195ffb7167db3219b217c4fd439eedd6

    • SHA1

      1e76e6099570ede620b76ed47cf8d03a936d49f8

    • SHA256

      e1e27af7b07eeedf5ce71a9255f0422816a6fc5849a483c6714e1b472044fa9d

    • SHA512

      56eb7f070929b239642dab729537dde2c2287bdb852ad9e80b5358c74b14bc2b2dded910d0e3b6304ea27eb587e5f19db0a92e1cbae6a70fb20b4ef05057e4ac

    • SSDEEP

      12288:GBja5bBvR8Q0TE2HB0WLmvXbsVG1Gw03RzxNHgKhwFBkjSHXP36RMGy1NqTUO:GBjk38WuBcAbwoA/BkjSHXP36RMG/

    • Score

      1/10

    • Target

      QhtbqjQkwerkQM.exe

    • Size

      5.0MB

    • MD5

      e28cb70214fc11f606c7708eaf920741

    • SHA1

      5e67d40dc3f42d654388ad048665b009e88f2d4a

    • SHA256

      f89b044aaf8dbafb39cf1181b01ee5d1b244601c0f35a926076a39ae64e95572

    • SHA512

      6f7ac34bf85391de49750acc01c992718d1c7445cd70f20d36f8e5ff231b28c68c0ad6077e60156c5506ce63cf28c3700f8481ee80f11dffcfbaefbd9006fcd1

    • SSDEEP

      98304:yFD2T0y2F/F/wVQlCro//irEuTHtllllllllI3qm:Ig0yO5wmlao/6rEukF

    • Score

      6/10

    • Legitimate hosting services abused for malware hosting/C2

    • Target

      itextsharp.dll

    • Size

      2.5MB

    • MD5

      7406e36a768e1bd36a19c79e5a0ebd4f

    • SHA1

      315ba19be03148e57ed2a36cc00178e86059f978

    • SHA256

      2b7d6afcff85f529b968bfecd8a1f35612281b913c9b450469331edd2051c109

    • SHA512

      715c281461247af07dfe223a48261826e1e0ffee5d104434e0585dacf0a2de404efd1ce31674165d5d2abe9e3b1be34c08e53ff6497982efcc82c93f771cb96c

    • SSDEEP

      24576:mbxtY1IMr8qOpmdByweqobc/ha3xRVxrslQK8zMgO3V99/ULzW/hYPOCBJoyq1eT:yxtYR8fGkyVQK8FpJoyq1epmf9jEH3q

    • Score

      1/10
