General

  • Target

    00f5bd3e89567dd9701b280928285479b480c88e911b2e8234a3009109b225cf

  • Size

    176KB

  • Sample

    221123-26skaaeg5y

  • MD5

    4a8cef27a6378e6872b679cebcb832f0

  • SHA1

    dbabee04b873779d34adbc85fbd46fad9a55e528

  • SHA256

    00f5bd3e89567dd9701b280928285479b480c88e911b2e8234a3009109b225cf

  • SHA512

    21245d0aa1e3b82121dd2f2933f52e4074660f0835c4a1e58c271727793bbc4e690e3be089af333413c4c238cc1ef90b070e1108e1fdf3ae1387cf1f422cec0f

  • SSDEEP

    3072:c0zJ0JdUYwvy6DylMdVEosEmWMy8pmZH5Cw7FJGxMfSFMmXwC+7AOO3yG+uVn:Vz60YwKOysEosEfJCe5C0fmwNUriYV

Score
8/10

Targets

    • Target

      00f5bd3e89567dd9701b280928285479b480c88e911b2e8234a3009109b225cf

    Score
    8/10
    • Executes dropped EXE

    • Registers COM server for autorun

    • Deletes itself

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext
