Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

e5dcf21051...c2.exe

windows7-x64

8

e5dcf21051...c2.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e5dcf21051fa59d7979ba1f15b4b4eb3a18e4dab3e8374423a27f8c18bfda2c2

  • Size

    120KB

  • Sample

    221121-saeh4shh9t

  • MD5

    3b0c4f40a9cc4f19be91707f7bd9d8a0

  • SHA1

    fb602bf718a1c25d8c3ae9d5716dff118309688b

  • SHA256

    e5dcf21051fa59d7979ba1f15b4b4eb3a18e4dab3e8374423a27f8c18bfda2c2

  • SHA512

    908c0b28de588c9220ba81786189e6cde30da53d23ab0966437d05b36cf3269c213e2c49539d84e69aef1367de858b01c9fd9c785abd39c19f0c1647d577c684

  • SSDEEP

    1536:QIDThSFWEv7NyArVF3qmRIjbPT6XpOPzmsLPtTh0PE:phSFWETNykFaygbipEzLLPRh0M

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      e5dcf21051fa59d7979ba1f15b4b4eb3a18e4dab3e8374423a27f8c18bfda2c2

    • Size

      120KB

    • MD5

      3b0c4f40a9cc4f19be91707f7bd9d8a0

    • SHA1

      fb602bf718a1c25d8c3ae9d5716dff118309688b

    • SHA256

      e5dcf21051fa59d7979ba1f15b4b4eb3a18e4dab3e8374423a27f8c18bfda2c2

    • SHA512

      908c0b28de588c9220ba81786189e6cde30da53d23ab0966437d05b36cf3269c213e2c49539d84e69aef1367de858b01c9fd9c785abd39c19f0c1647d577c684

    • SSDEEP

      1536:QIDThSFWEv7NyArVF3qmRIjbPT6XpOPzmsLPtTh0PE:phSFWETNykFaygbipEzLLPRh0M

    Score
    8/10
    persistenceupx

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks