Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
91s -
max time network
139s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-en -
resource tags
-
submitted
16/09/2022, 14:01
General
-
Target
Picture_Samples.exe
-
Size
104KB
-
MD5
ab2d42662c04ee385f73347810c4d9fe
-
SHA1
3dc6bd80d7acdc08478ee2591e5eb4987d039ec9
-
SHA256
71a2d4cf1f55f1b4ff5934bf84ad52384c00bee908b57143638adde051242bd9
-
SHA512
7b55b57f896df671aa3432c929cc96ac7f1a6b59ea4e395f4cf1f90c564bcf29e9ca5be135cdda73d367db10922f02fb3386e591bde4a66c320e56e710c358d8
-
SSDEEP
3072:wdxNE+Hb+eyz9zIov6bSY+PlpVSNXIUzIdph00/Y97qKaw2tn8:wW+7+eMYbSYiSyxo8fk
Malware Config
Signatures
-
Guloader,Cloudeye
A shellcode based downloader first seen in 2020.
-
Loads dropped DLL 1 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
Processes
-
C:\Users\Admin\AppData\Local\Temp\Picture_Samples.exe"C:\Users\Admin\AppData\Local\Temp\Picture_Samples.exe"1⤵
- Loads dropped DLL
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
11KB
MD53e6bf00b3ac976122f982ae2aadb1c51
SHA1caab188f7fdc84d3fdcb2922edeeb5ed576bd31d
SHA2564ff9b2678d698677c5d9732678f9cf53f17290e09d053691aac4cc6e6f595cbe
SHA5121286f05e6a7e6b691f6e479638e7179897598e171b52eb3a3dc0e830415251069d29416b6d1ffc6d7dce8da5625e1479be06db9b7179e7776659c5c1ad6aa706
-
Filesize
1024KB
-
Filesize
1024KB