Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
3361935bbe0f9d1d4fd2cd52d0dcf65e1800fab297abac7341e450b6d407e8d8
-
Size
100KB
-
Sample
221121-sxh5tafe87
-
MD5
0a211a2cb79a221b59cd53fa159350d2
-
SHA1
9b34a62a248514dc64c1d91a0edb52fe29028a86
-
SHA256
3361935bbe0f9d1d4fd2cd52d0dcf65e1800fab297abac7341e450b6d407e8d8
-
SHA512
805c6c788a6cdac984278494c53e73c586f01902c9e1b5e5a5b89208ba9f710d378a97b861ba0ef19cebe3719cb93207792a9f495d23c91a15898339075859b0
-
SSDEEP
1536:25zsDNdr46AqK/b7xMdIi8stfIEtJxPKWgd8kNycHWf:+67K/b1Qf86xPk8kscHWf
Static task
static1
Behavioral task
behavioral1
Sample
3361935bbe0f9d1d4fd2cd52d0dcf65e1800fab297abac7341e450b6d407e8d8.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
3361935bbe0f9d1d4fd2cd52d0dcf65e1800fab297abac7341e450b6d407e8d8.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
-
-
Target
3361935bbe0f9d1d4fd2cd52d0dcf65e1800fab297abac7341e450b6d407e8d8
-
Size
100KB
-
MD5
0a211a2cb79a221b59cd53fa159350d2
-
SHA1
9b34a62a248514dc64c1d91a0edb52fe29028a86
-
SHA256
3361935bbe0f9d1d4fd2cd52d0dcf65e1800fab297abac7341e450b6d407e8d8
-
SHA512
805c6c788a6cdac984278494c53e73c586f01902c9e1b5e5a5b89208ba9f710d378a97b861ba0ef19cebe3719cb93207792a9f495d23c91a15898339075859b0
-
SSDEEP
1536:25zsDNdr46AqK/b7xMdIi8stfIEtJxPKWgd8kNycHWf:+67K/b1Qf86xPk8kscHWf
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-