General

  • Target

    c7b8522a03d1e130cd927e51ddd7e11a77cb7bd2ba370ca9a23f644a2ff98e11N.exe

  • Size

    78KB

  • Sample

    241210-jnz8aszjdx

  • MD5

    39e605d590615ffda6969f7d96a7d240

  • SHA1

    44cb3125e7dd2e3c9257d2181025ba628bc6ec7b

  • SHA256

    c7b8522a03d1e130cd927e51ddd7e11a77cb7bd2ba370ca9a23f644a2ff98e11

  • SHA512

    329d7c5b0d9c6b47a3ba03772827ffa1871c7b68f0d71ccb3d66a1f044eda58ec31342b8ecd4b9e9380b07f0d6b8da19efca3f67aecd106e1d579e4c35d49409

  • SSDEEP

    1536:SVPy5jnAlGmWw644txVILJtcfJuovFdPKmNqOqD70Gou2P2oYe9Qtd6e9/w0160:IPy5jnAtWDDILJLovbicqOq3o+nt9/wW

Targets

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Metamorpherrat family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
