Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

93f8ef9a87...37.exe

windows7-x64

10

93f8ef9a87...37.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    93f8ef9a878ac66d6dd24fcb4d3399f8e245841639f85b1aa90d558cb26aee37

  • Size

    236KB

  • Sample

    221011-sazjaaafg6

  • MD5

    15bd2eb33c00b4771079227eb1b7eb90

  • SHA1

    0ca58f908247fb0fcc8271558501cbac65d17132

  • SHA256

    93f8ef9a878ac66d6dd24fcb4d3399f8e245841639f85b1aa90d558cb26aee37

  • SHA512

    e157b160733398a71f3bdcb1c2338c37d3fabc3fdb6e39e95cf5c5296be5d267b610f68ea722fcca628686efa4e0f809b7a45ac32f9b48d1534627dcee409dc6

  • SSDEEP

    3072:eKXxdEuTxsiVT0MjuV+pARwF/zQJLNP2yZroO70YVdBkKpkcpe2gvU:1dEuTxbB/pAulOLx/ZceBkNseJU

Score
10/10
evasionpersistenceupx

Malware Config

Targets

    • Target

      93f8ef9a878ac66d6dd24fcb4d3399f8e245841639f85b1aa90d558cb26aee37

    • Size

      236KB

    • MD5

      15bd2eb33c00b4771079227eb1b7eb90

    • SHA1

      0ca58f908247fb0fcc8271558501cbac65d17132

    • SHA256

      93f8ef9a878ac66d6dd24fcb4d3399f8e245841639f85b1aa90d558cb26aee37

    • SHA512

      e157b160733398a71f3bdcb1c2338c37d3fabc3fdb6e39e95cf5c5296be5d267b610f68ea722fcca628686efa4e0f809b7a45ac32f9b48d1534627dcee409dc6

    • SSDEEP

      3072:eKXxdEuTxsiVT0MjuV+pARwF/zQJLNP2yZroO70YVdBkKpkcpe2gvU:1dEuTxbB/pAulOLx/ZceBkNseJU

    Score
    10/10
    evasionpersistenceupx

    • Modifies firewall policy service

      evasion

    • Adds policy Run key to start application

      persistence

    • Modifies Installed Components in the registry

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks