General

  • Target

    0daeead53363aa5700928e038323bd114acb92b9b9e0139a06a9b0809388180c

  • Size

    148KB

  • Sample

    220921-makggagae7

  • MD5

    4660ed492206278e101f3afabdc97ddb

  • SHA1

    4b4beee8634e120f246efcef82910abadc8e4cd9

  • SHA256

    0daeead53363aa5700928e038323bd114acb92b9b9e0139a06a9b0809388180c

  • SHA512

    30162ee49f5460ab1e765d6b03688ef7fce3fd5b76b7179e0eefd540f8619564c5fe50359be6304d897020f155360589bff3a826abb798b0517b224f3f83e1aa

  • SSDEEP

    3072:g9875NlvnNKVNUXPHyQpm9Ilf+BUEwNUBHMIn:PvNJ/yN9IlfE6UBH

Targets

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • Suspicious use of SetThreadContext
