Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

b1c49fcfa6...f6.exe

windows7-x64

10

b1c49fcfa6...f6.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b1c49fcfa6c8b0e513c7b3bc7e9994d801e307c376f3ca2bdb9f374a51ef19f6.exe

  • Size

    1.7MB

  • Sample

    221105-2q4bvaaba5

  • MD5

    27b284fab61afb4e351edbcbd930aa3f

  • SHA1

    06d1988f308245688c337c1e4751cf3c262a02ba

  • SHA256

    b1c49fcfa6c8b0e513c7b3bc7e9994d801e307c376f3ca2bdb9f374a51ef19f6

  • SHA512

    07f40ee220eaf4f27a58d6389496694de8aebbfe3f5b588988349a68b1192faca4cd7fd81eb9f17bf3836e786381f1865658b65bc06942dff495736d0b08f3b3

  • SSDEEP

    49152:PvKK9gn45q8P+D48aQ5QhRPjkNtJeLHkJkQ:PWoetJeDE

Score
10/10
xmrigminer

Malware Config

Targets

    • Target

      b1c49fcfa6c8b0e513c7b3bc7e9994d801e307c376f3ca2bdb9f374a51ef19f6.exe

    • Size

      1.7MB

    • MD5

      27b284fab61afb4e351edbcbd930aa3f

    • SHA1

      06d1988f308245688c337c1e4751cf3c262a02ba

    • SHA256

      b1c49fcfa6c8b0e513c7b3bc7e9994d801e307c376f3ca2bdb9f374a51ef19f6

    • SHA512

      07f40ee220eaf4f27a58d6389496694de8aebbfe3f5b588988349a68b1192faca4cd7fd81eb9f17bf3836e786381f1865658b65bc06942dff495736d0b08f3b3

    • SSDEEP

      49152:PvKK9gn45q8P+D48aQ5QhRPjkNtJeLHkJkQ:PWoetJeDE

    Score
    10/10
    xmrigminer

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks