Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
55096d039cf9ae68d27a8bf5b25b7cfff65e18a0e4a4f2342593d489cf27a8d3N.exe
-
Size
78KB
-
Sample
241226-j3mwhszrby
-
MD5
66020e028ac3694a7acaa956b628cb40
-
SHA1
7bb256e3fc795c3f656dec60a0bad7f51b29b943
-
SHA256
55096d039cf9ae68d27a8bf5b25b7cfff65e18a0e4a4f2342593d489cf27a8d3
-
SHA512
a4c827be2a3a3ccd6c11ec6dd32e9636f7f07bb27fa171566c07b089df699dc4edd68bedc8e68784a91d0b2e555f5fb60af512a0e3510ed5f9a7b3a01397ecae
-
SSDEEP
1536:vtPWV5j4XT0XRhyRjVf3hTzdEzcEGvCZ1Hc5RPuoYciQty6P9/l2MC1jT:VPWV5jASyRxvhTzXPvCbW2U39/l2ME
Static task
static1
Behavioral task
behavioral1
Sample
55096d039cf9ae68d27a8bf5b25b7cfff65e18a0e4a4f2342593d489cf27a8d3N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
55096d039cf9ae68d27a8bf5b25b7cfff65e18a0e4a4f2342593d489cf27a8d3N.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
55096d039cf9ae68d27a8bf5b25b7cfff65e18a0e4a4f2342593d489cf27a8d3N.exe
-
Size
78KB
-
MD5
66020e028ac3694a7acaa956b628cb40
-
SHA1
7bb256e3fc795c3f656dec60a0bad7f51b29b943
-
SHA256
55096d039cf9ae68d27a8bf5b25b7cfff65e18a0e4a4f2342593d489cf27a8d3
-
SHA512
a4c827be2a3a3ccd6c11ec6dd32e9636f7f07bb27fa171566c07b089df699dc4edd68bedc8e68784a91d0b2e555f5fb60af512a0e3510ed5f9a7b3a01397ecae
-
SSDEEP
1536:vtPWV5j4XT0XRhyRjVf3hTzdEzcEGvCZ1Hc5RPuoYciQty6P9/l2MC1jT:VPWV5jASyRxvhTzXPvCbW2U39/l2ME
-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Metamorpherrat family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-