General

  • Target

    11d734b55aa2a817f941a11d2f649abb3ce7cdbaf2eb0d9ae12d735c60fef3b4

  • Size

    808KB

  • Sample

    241210-hbg1hswrg1

  • MD5

    23f088575f563a95b6845d301dcc3d8f

  • SHA1

    73b8900f0aaa72be44e68f0ada533a08406b8bb4

  • SHA256

    11d734b55aa2a817f941a11d2f649abb3ce7cdbaf2eb0d9ae12d735c60fef3b4

  • SHA512

    d13453b8082c97c5c2e2e6dc20673a472069047633f255d62861e98a967834a493b080f6f6f6e6d938570acce2dbf45bc55c09036258be651001896843c3549f

  • SSDEEP

    12288:MJKCRsK2SYNPG2Nl4ySBCGdo6hcXBW3CMYxHiUALEQ2BjvrEH7Esz:LVPNl4yh8DhcXBW3CM48grEH7P

Targets

    • Floxif family

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
