Resubmissions

30/12/2024, 19:54

241230-ymjw9ayme1 10

24/09/2024, 08:26

240924-kcchja1cla 10

19/09/2024, 16:17

240919-trjptsybql 10

General

  • Target

    ToDesk_x64_4.7.4.8.exe.v

  • Size

    56.3MB

  • Sample

    241230-ymjw9ayme1

  • MD5

    e43eaf8183e538eb28e5dfd31ba074bc

  • SHA1

    4d90bca79dbb3994fc1cf99921b1942520bee490

  • SHA256

    3771d6a0594a42845193f182b177151b295e458f17749e74ae5a5320210a2fe8

  • SHA512

    d43c32749ff1db235f063cc071c33af41dde25fd1c92d1fb670ad8ee0c5b7ab24f172138d7a18b0f61d9e4e959d4b765965ca3e38f0aa9cbb4e51125d6de70a5

  • SSDEEP

    1572864:A4959RiO7XJ5d5crS8/JruPXzKgz5zejq4/OiV0xNnw:lT7XJ5gTJrOzKs5y//OiVwZw

Score
10/10

Malware Config

Targets

    • Target

      ToDesk_x64_4.7.4.8.exe.v

    • Size

      56.3MB

    • MD5

      e43eaf8183e538eb28e5dfd31ba074bc

    • SHA1

      4d90bca79dbb3994fc1cf99921b1942520bee490

    • SHA256

      3771d6a0594a42845193f182b177151b295e458f17749e74ae5a5320210a2fe8

    • SHA512

      d43c32749ff1db235f063cc071c33af41dde25fd1c92d1fb670ad8ee0c5b7ab24f172138d7a18b0f61d9e4e959d4b765965ca3e38f0aa9cbb4e51125d6de70a5

    • SSDEEP

      1572864:A4959RiO7XJ5d5crS8/JruPXzKgz5zejq4/OiV0xNnw:lT7XJ5gTJrOzKs5y//OiVwZw

    Score
    10/10
    • Detects PlugX payload

    • PlugX

      PlugX is a RAT (Remote Access Trojan) that has been around since 2008.

    • Plugx family

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
