Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

8

8ba296160b...50.exe

windows7-x64

8

8ba296160b...50.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8ba296160b0a3426899c2167ef537ccc567d8046ad34cfadf42bc304164c4850

  • Size

    396KB

  • Sample

    221123-1ke7dsae8x

  • MD5

    5328ae97cf6d14c37b1e22e32c65d790

  • SHA1

    06a0c7df8801e8de881215905c85ae0b953799aa

  • SHA256

    8ba296160b0a3426899c2167ef537ccc567d8046ad34cfadf42bc304164c4850

  • SHA512

    d0cc06a61fb9f8280ce9a6811cbf33d312aff4e1b062ae8ec6c1b634bf98692af092d9e41e9bee7ce4ba3c6992e9fe1ad7f8fa0f87b7613b7698c1cd734abdc2

  • SSDEEP

    6144:kwuK/7e2njWUrrZzNrtV5knaZS0pl22RTHT6tQD44btL0oLEaqHP4RO8QWoSwaP:k/KpWYl5nxZvlRbT66DbBxvQWoSw

Score
8/10
evasionpersistenceupx

Malware Config

Targets

    • Target

      8ba296160b0a3426899c2167ef537ccc567d8046ad34cfadf42bc304164c4850

    • Size

      396KB

    • MD5

      5328ae97cf6d14c37b1e22e32c65d790

    • SHA1

      06a0c7df8801e8de881215905c85ae0b953799aa

    • SHA256

      8ba296160b0a3426899c2167ef537ccc567d8046ad34cfadf42bc304164c4850

    • SHA512

      d0cc06a61fb9f8280ce9a6811cbf33d312aff4e1b062ae8ec6c1b634bf98692af092d9e41e9bee7ce4ba3c6992e9fe1ad7f8fa0f87b7613b7698c1cd734abdc2

    • SSDEEP

      6144:kwuK/7e2njWUrrZzNrtV5knaZS0pl22RTHT6tQD44btL0oLEaqHP4RO8QWoSwaP:k/KpWYl5nxZvlRbT66DbBxvQWoSw

    Score
    8/10
    evasionpersistenceupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

      evasion

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks