Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    2bfc61c41ac7316d4910e8287ef2213afb2404741f59af5a858d946a7fd05033

  • Size

    207KB

  • Sample

    250126-zr3qlavkbn

  • MD5

    90955ed2e770de2db32e90a2851c0d6f

  • SHA1

    4d7b555a5f72e819edb8d894c0aeaab509c580b1

  • SHA256

    2bfc61c41ac7316d4910e8287ef2213afb2404741f59af5a858d946a7fd05033

  • SHA512

    ad796876cc6a0b5f9db2644ac0f64b5b3aa5773bd0ed1b4523cd61ab8992e5390b8108e63bc4736b885bed38d4e7ff7231c8cdab3d3a5a5ff1b2961bdb952046

  • SSDEEP

    3072:Bz3cAhTATjnt+/ZPAUOt2lQBV+UdE+rECWp7hKNhZ:BzsANAvnQZ4UQBV+UdvrEFp7hKNj

Malware Config

Targets

    • Target

      2bfc61c41ac7316d4910e8287ef2213afb2404741f59af5a858d946a7fd05033

    • Size

      207KB

    • MD5

      90955ed2e770de2db32e90a2851c0d6f

    • SHA1

      4d7b555a5f72e819edb8d894c0aeaab509c580b1

    • SHA256

      2bfc61c41ac7316d4910e8287ef2213afb2404741f59af5a858d946a7fd05033

    • SHA512

      ad796876cc6a0b5f9db2644ac0f64b5b3aa5773bd0ed1b4523cd61ab8992e5390b8108e63bc4736b885bed38d4e7ff7231c8cdab3d3a5a5ff1b2961bdb952046

    • SSDEEP

      3072:Bz3cAhTATjnt+/ZPAUOt2lQBV+UdE+rECWp7hKNhZ:BzsANAvnQZ4UQBV+UdvrEFp7hKNj

    • Floxif family

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks