General

  • Target

    8a5cd9e4083c753eb3e0f2deb6c11776b7539e6b50b0c75db022a06adb048b28N.exe

  • Size

    78KB

  • Sample

    250103-n4r9vaskgx

  • MD5

    83b27d364390c72c4e2e7f40987a6fc0

  • SHA1

    3513ba5080ad679d18aa7c390d88e143da07890a

  • SHA256

    8a5cd9e4083c753eb3e0f2deb6c11776b7539e6b50b0c75db022a06adb048b28

  • SHA512

    43c4529f562df253bbfa31fdf5436c5b0f60e1e9bd9c5243a4f2bf1641e4e394f3f28cd21d651ac2c7cda8f97afe23121edcda78e029002e510636bfee78d59e

  • SSDEEP

    1536:PuHY6M7t/vZv0kH9gDDtWzYCnJPeoYrGQtRd9/U19K:PuHYnh/l0Y9MDYrm7Rd9/B

Malware Config

Targets

    • Target

      8a5cd9e4083c753eb3e0f2deb6c11776b7539e6b50b0c75db022a06adb048b28N.exe

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Metamorpherrat family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
