General

  • Target

    f10c932d6616498c831832ea297eb2d3.exe

  • Size

    300KB

  • Sample

    220917-g67c8adbfp

  • MD5

    f10c932d6616498c831832ea297eb2d3

  • SHA1

    fbf48f28e027081a59c8ff0633e36c7bf9249aac

  • SHA256

    b04a97266b50ce3674a2a10d888fb1debd0379bf035d368c3d71304e3b60cbba

  • SHA512

    90ea93e84f9d89d49a129c4ff2bc7a2a069e3c85d15e68771e2d57171815a0294a3d4428b39b01dddc86a9849f6fa4d585de94b160352daab967804451e3c1c1

  • SSDEEP

    6144:AmM2LnjfMakXleZGv94d80gnigabwVfA:pR7jh6j94zgir

Targets

    • Target

      f10c932d6616498c831832ea297eb2d3.exe

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • Suspicious use of SetThreadContext
