General

  • Target

    2e65279809a6a691c25a87f51f02d6932ada3e029c2c93374616b406baad6b16.zip

  • Size

    118KB

  • Sample

    250325-ta7qbssky3

  • MD5

    bac8d5e237659881531d5a283ea1d395

  • SHA1

    23384234ea15f8c7116c678d8285744390802952

  • SHA256

    2e65279809a6a691c25a87f51f02d6932ada3e029c2c93374616b406baad6b16

  • SHA512

    839cd9fb8ea0a366aa140032dc03422d037502e71e179167a79bcc0bd88b8359c71b874a9e5f42324659a0bcc74b8f17a10339e5b85f5fe0bb792b5ed842cc6b

  • SSDEEP

    3072:oHzO1El16HyySb7gev/NQErLeJpsvNF+PAb7ql98:Qz6K6Sxb79lerSg+

Targets

    • Target

      good.bin

    • Size

      143KB

    • MD5

      b034e2a7cd76b757b7c62ce514b378b4

    • SHA1

      27d15f36cb5e3338a19a7f6441ece58439f830f2

    • SHA256

      90d3580e187b631a9150bbb4a640b84c6fa990437febdc42f687cc7b3ce1deac

    • SHA512

      1cea6503cf244e1efb6ef68994a723f549126fc89ef8a38c76cdcc050d2a4524e96402591d1d150d927a12dcac81084a8275a929cf6e5933fdf62502c9c84385

    • SSDEEP

      3072:VMb/kbqjO/3FxV8l8wiEXHPV9r99rWhzAxH7wpjv4z:VMxo3Z8BvV9rL6h2H7wJ4

    • Modifies Windows Defender Real-time Protection settings

    • Phorphiex family

    • Phorphiex, Phorpiex

      Phorphiex (also spelled Phorpiex) is a malware family that infects systems to distribute other malicious payloads such as ransomware, stealers and cryptominers.

    • Windows security bypass

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
