General

  • Target

    26c16cebb734b373c529e8a7fcc09a8f919519642e91571416663750d1a44338

  • Size

    164KB

  • Sample

    221020-k3cafsegfr

  • MD5

    5ac82e4b3118192706d18404f098a99a

  • SHA1

    8123f470119f7a1ee9308a386daa7943b969196c

  • SHA256

    26c16cebb734b373c529e8a7fcc09a8f919519642e91571416663750d1a44338

  • SHA512

    26645a5662a3381cebd0e09516c6904800e5eb39fc102fce0ccf11d0641b85adff9b75e18dab7cf608b14e0fd081876713eb1ff36ccf530a0809061c59de86d5

  • SSDEEP

    3072:QA5oIyXWxPCF0KBviE7b/zk9B/h/J7uxWL15ozoQsMvUhfFDR2irglTe15bFOU1E:vwWxKF05Enzk9BdJCwdF9s615b/s8Vx

Score
8/10

Targets

    • Target

      26c16cebb734b373c529e8a7fcc09a8f919519642e91571416663750d1a44338

    Score
    8/10
    • Executes dropped EXE

    • Registers COM server for autorun

    • Deletes itself

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext
