Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    870663b0782a4b7a05e84d4dd8154711c41bb26299365bdc2373f470d81b5e0b

  • Size

    1.4MB

  • Sample

    250120-ty711aylbv

  • MD5

    477fd3dd1b2f7c702252f2882002e16a

  • SHA1

    516abc0c0fbb38e7b6c972a9691f8e3941e68132

  • SHA256

    b28f9389eb5c15cff9425b8825ee17ffc99b9c0263aedd7830868cf6047b5a04

  • SHA512

    3186077320d7ef7bea2c8ee3b21805263e7521dc997e9a57151b3cc8291b8e97952411daa9cb39cbe60a9355849abe40f256e0d8a7aeccbee5a1c5a96e1d69a3

  • SSDEEP

    24576:UXYO1irGNwhZeE9RDfd8kqCrZPnaf6PbJ6K5lKUiBo/OqWIr4jNME9SAQJ91pmMJ:9O16hZeE9RDKOrA2TUUi8OmkjNME9zQ9

Malware Config

Targets

    • Target

      870663b0782a4b7a05e84d4dd8154711c41bb26299365bdc2373f470d81b5e0b

    • Size

      3.8MB

    • MD5

      aef27e82cd86ed5003b277fb319beb27

    • SHA1

      52eecb59d4a8a5404f6dc347cd46fbd4ee964995

    • SHA256

      870663b0782a4b7a05e84d4dd8154711c41bb26299365bdc2373f470d81b5e0b

    • SHA512

      16a61f280f5cf3fd04d9e4f9d956fabbc2855f5d0b1c890e614baf5b4f6fd3441b41c8c7de5a768f443128e715eb933d6c09a2855e52cc405b9eb042baa46efb

    • SSDEEP

      49152:Nsz6FvpOiHY7sz6FvpOiHY1+we6AC9L7lARB3QJhut7C6:N0WQ0WZ

    • NetSupport

      NetSupport is a remote access tool sold as a legitimate system administration software.

    • Netsupport family

    • Blocklisted process makes network request

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.