General

  • Target

    36b479ded61740bb4c479a7969d5d1e469173fe50d4378074f14d5c0fb52d3bc

  • Size

    1.1MB

  • Sample

    220626-b41vrsccdm

  • MD5

    42d6eb88c4a77bd128d3dc9c0e4803d0

  • SHA1

    622ed276c5e468886f2a971c0322092b0f9256af

  • SHA256

    36b479ded61740bb4c479a7969d5d1e469173fe50d4378074f14d5c0fb52d3bc

  • SHA512

    db40be563b4a476b7c7a34d599bdb3e53ed0f7688fd799b5066913e26cd7f935b95478de43c1c853d3c3e95f8f27e74180713b08b4b7fe93dc86950fe3b1e587

Score
8/10

Malware Config

Targets

    Score
    8/10
    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Loads dropped DLL

    • Suspicious use of NtSetInformationThreadHideFromDebugger
