General
Target: 4b776ed345b133863bcd954b24dc802409b64a17b41c497dc19a1a929e3b5d62
Size: 186KB
Sample: 221019-2x2rlacbbm
MD5: 92329533810a2f732fb4147ca102c755
SHA1: 4c252cd6305b805320482a5721036e52bf2f6953
SHA256: 4b776ed345b133863bcd954b24dc802409b64a17b41c497dc19a1a929e3b5d62
SHA512: 5879032cbf2cf9bc7464e445385999dcffd14929b9ec6e742bf3613bd7d1fd22f07e5ca5b9ddbffe34b0d7ce1b1b35a068b6cc5e1657fd6e72513d2b8a4c8cf1
SSDEEP: 3072:VbR22QGWY6gBsCnn7okiIFbq49dcgxwU9SJlMxdSjXutbljlkZeQcvr:hR2vGWY6gBsCn7NVUP0wc4lwdUXSFlYK
Static task: static1
Behavioral task: behavioral1
Sample: 4b776ed345b133863bcd954b24dc802409b64a17b41c497dc19a1a929e3b5d62.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: 4b776ed345b133863bcd954b24dc802409b64a17b41c497dc19a1a929e3b5d62.exe
Resource: win10v2004-20220812-en
Malware Config
Targets
Score: 10/10
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
ModiLoader Second Stage
Modifies Installed Components in the registry
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext