General

  • Target

    a4e3ea43fbb89d7928a95c1bb231a8305b8dc1ef6c27235391307a2bb6b0f21f

  • Size

    4.1MB

  • Sample

    220524-sek7fsbadq

  • MD5

    7e7fd9dd93b91370b407b09c356f334d

  • SHA1

    4dacdd8f81acfb8837737ba389f3f47163bd6a92

  • SHA256

    a4e3ea43fbb89d7928a95c1bb231a8305b8dc1ef6c27235391307a2bb6b0f21f

  • SHA512

    75af0e986395e9a0b87623e67438b9cad683b0ad43d86c7bd9a592ca7d92b5b1d6ca028973bcde1251d83d6c822c5689cb6379327aef4089d0fd2ccd845fd01b

Targets

    • RMS

      Remote Manipulator System (RMS) is a remote access tool developed by the Russian organization TektonIT.

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
