General

  • Target

    de8634a593943d8342a61e9f7d74601741ae99d38bf6e9242dbb9189d49c2c7d

  • Size

    159KB

  • Sample

    221001-3xdkfaceh8

  • MD5

    f14ebf527b368bc6e95b577c66e6b9f4

  • SHA1

    1a548e3225fb651b48f3ae586b537aa3bb3731fa

  • SHA256

    de8634a593943d8342a61e9f7d74601741ae99d38bf6e9242dbb9189d49c2c7d

  • SHA512

    833f258fd043e19a5689689f789dd60fed6895af2a764155f220ff7a470c9201d560ab5bf20553723fea110b678159550897cdea5e119e248e7a16d89cee7a94

  • SSDEEP

    3072:p6D7h1+hV2PCbQKSFYVG7BPWpQ74G2IHn2g93SPwPHs08frkEOWY/UIKOj:pSN1SiCcxFYVLyMCjjfcOWYjJj

Score
8/10

Targets

    • Executes dropped EXE

    • Registers COM server for autorun

    • Deletes itself

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext
