General

  • Target

    8c22b81f04cbfff5369e880af816b0e759b18d00d609d28e53247bd5a48f78c3

  • Size

    249KB

  • Sample

    220913-qvzcxaffh8

  • MD5

    c5106b7a22b1720d708b2409cf694915

  • SHA1

    2bd7a7fad4dedc2228146a22e01458be6ad57673

  • SHA256

    8c22b81f04cbfff5369e880af816b0e759b18d00d609d28e53247bd5a48f78c3

  • SHA512

    83a3eb96191ff9aafedc4466dd91fa5b7c8b420c320a980feb808b3c39a859d0484123094380b84e663029e9ec27515682715491575fd4c37b2ca51c2282611a

  • SSDEEP

    6144:BRbDKHNwLI7DyWIZ2qc6PMLzIwP0M1Qa:nSHGLI7DyWy2qcDzsB

Targets

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
