General

  • Target

    0c3340f1466da545f49e0b41d1da4309e2cae1c21433cbf8262fde76efa29dce

  • Size

    284KB

  • Sample

    220929-sh9dfsbca6

  • MD5

    12dc0d9202646100a23b481c1de6c853

  • SHA1

    3912823917834982ceed3f71b2c019f216cc1445

  • SHA256

    0c3340f1466da545f49e0b41d1da4309e2cae1c21433cbf8262fde76efa29dce

  • SHA512

    4a81d63060939b160ef87b38167037212821fb0979627890c037e63776987356648ced2f2b8a69d0be12b7a642b6a13cd926589df51acf624e0ea3250cc524ad

  • SSDEEP

    6144:ggK1+bceAPG5sQW5pQMAXuzbgwuO0BefuwVfg3L:g9Y6EWKunnwBeK3

Targets

    • Target

      0c3340f1466da545f49e0b41d1da4309e2cae1c21433cbf8262fde76efa29dce

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • Executes dropped EXE

    • Suspicious use of SetThreadContext
