Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

d478c33a5a...fa.exe

windows7-x64

10

d478c33a5a...fa.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d478c33a5a960b15c4b70d0f75b9ad4d10e59ae65da4161d5bc6ffdf902da5fa

  • Size

    229KB

  • Sample

    221011-v7ml4agaek

  • MD5

    4f4cc61af78b4504827dcda4294f8c9a

  • SHA1

    40fc6ae4c8fe89cb2a4e2be2e62fb132aa392c8c

  • SHA256

    d478c33a5a960b15c4b70d0f75b9ad4d10e59ae65da4161d5bc6ffdf902da5fa

  • SHA512

    cbe2adf1effbe692b8d2f0555cdccce03f4dfe0f60c939981e6019a6f7b4dc39c370755c147a83643d1309ebe9068af4b0cf9a6083b7056607a5a3d02edbf6d1

  • SSDEEP

    6144:XpoQ/WM4+jKUC4aL3q8Ii7ACcKsIEBEjheDRXy8A:eQeM4++UPauGps7B8epDA

Score
10/10
evasion

Malware Config

Targets

    • Target

      d478c33a5a960b15c4b70d0f75b9ad4d10e59ae65da4161d5bc6ffdf902da5fa

    • Size

      229KB

    • MD5

      4f4cc61af78b4504827dcda4294f8c9a

    • SHA1

      40fc6ae4c8fe89cb2a4e2be2e62fb132aa392c8c

    • SHA256

      d478c33a5a960b15c4b70d0f75b9ad4d10e59ae65da4161d5bc6ffdf902da5fa

    • SHA512

      cbe2adf1effbe692b8d2f0555cdccce03f4dfe0f60c939981e6019a6f7b4dc39c370755c147a83643d1309ebe9068af4b0cf9a6083b7056607a5a3d02edbf6d1

    • SSDEEP

      6144:XpoQ/WM4+jKUC4aL3q8Ii7ACcKsIEBEjheDRXy8A:eQeM4++UPauGps7B8epDA

    Score
    10/10
    evasion

    • Modifies firewall policy service

      evasion

    • Modifies security service

      evasion

    • Deletes itself

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks