General

  • Target

    d8e58d7f4f9e05201eab6098cbb716aa27d2a33b761b2742700275067db097c4

  • Size

    78KB

  • Sample

    241224-ceq5psyngm

  • MD5

    837abde8fa35d366c09df5da9e5b84c3

  • SHA1

    140d6b31e98c1759d10440e9feac470ed8199de0

  • SHA256

    d8e58d7f4f9e05201eab6098cbb716aa27d2a33b761b2742700275067db097c4

  • SHA512

    3053f6d2fdaee757c4fddafeccbce1e7e7a7b1300bc6fc9e76b2cb98a6eb170d5382597eae44f2330d008e8d321e4c6428f5c1e473f05bb6c6137827a4b75104

  • SSDEEP

    1536:Na4V5jSJXT0XRhyRjVf3hTzdEzcEGvCZ1Hc5RPuoYciQtC6Q9/41UM:Y4V5jS5SyRxvhTzXPvCbW2UI9/o

Targets

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Metamorpherrat family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
