General

  • Target

    55096d039cf9ae68d27a8bf5b25b7cfff65e18a0e4a4f2342593d489cf27a8d3N.exe

  • Size

    78KB

  • Sample

    241226-j3mwhszrby

  • MD5

    66020e028ac3694a7acaa956b628cb40

  • SHA1

    7bb256e3fc795c3f656dec60a0bad7f51b29b943

  • SHA256

    55096d039cf9ae68d27a8bf5b25b7cfff65e18a0e4a4f2342593d489cf27a8d3

  • SHA512

    a4c827be2a3a3ccd6c11ec6dd32e9636f7f07bb27fa171566c07b089df699dc4edd68bedc8e68784a91d0b2e555f5fb60af512a0e3510ed5f9a7b3a01397ecae

  • SSDEEP

    1536:vtPWV5j4XT0XRhyRjVf3hTzdEzcEGvCZ1Hc5RPuoYciQty6P9/l2MC1jT:VPWV5jASyRxvhTzXPvCbW2U39/l2ME

Targets

    • Target

      55096d039cf9ae68d27a8bf5b25b7cfff65e18a0e4a4f2342593d489cf27a8d3N.exe

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Metamorpherrat family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
