General

  • Target

    22c9a7487e6bf48aabb18fb78764c32241d73cdcade83fdef03451d2579371b1_dump7_0x004e0000

  • Size

    76KB

  • Sample

    221027-fnf8msagem

  • MD5

    affe4953434367b5f2d0c4b4a6ca8408

  • SHA1

    6868d41cf7e1c6cefe5564fdddc475af627b935d

  • SHA256

    9cf8b64c1ee057cb4de32c839192baed41c01bd49a1347232e4024ec4171a700

  • SHA512

    0f494739f25bfc75125138c4060340a4115ad06c7897160b124acf0a178ac1506f4266cfb97db7d106ccb9793e64c5fcd5130745d8d3a8b5bb488305c3a33b23

  • SSDEEP

    1536:/s9fQZTinTxSpCS6bMBPH/Hoaekcdnef7Eoq52G:/l5inNSprwy/HoapcdezZq52G

Targets

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Unexpected DNS network traffic destination

      Network traffic on the DNS port to servers other than the configured DNS servers was detected.

    • Adds Run key to start application

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Suspicious use of SetThreadContext
