General

  • Target

    ffdbc622f7d18e41b2865d08163d93331eaee12c52d5cef4efb3897dc23ffa32

  • Size

    146KB

  • Sample

    220919-24p2dafcbp

  • MD5

    779edc74c2d8626172496c85b05c47d9

  • SHA1

    1b87f878cf74a13aba1017e3fdccf98b6a72b687

  • SHA256

    ffdbc622f7d18e41b2865d08163d93331eaee12c52d5cef4efb3897dc23ffa32

  • SHA512

    4f8160dc3d807f60d03058d20a41fcb4772789a828a474a152b1514931704ab28cafec7e2591c8a9708b535ec543c1cfcce70d7b73ca1abe9ab4e54a69ff09ed

  • SSDEEP

    3072:zD3kiLsz5Yb3utwYLv8P3xeyVs3fQZiBDMpLx:FLs63uqYs+vK2

Targets

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • Executes dropped EXE

    • Deletes itself

    • Suspicious use of SetThreadContext
