Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

RG92820000...06.exe

windows7-x64

7

RG92820000...06.exe

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b49ed69f5e3b822cab6670d6af77d41e2234e32a797165688f6470d7ec255b2a

  • Size

    126KB

  • Sample

    221124-e9efhahf63

  • MD5

    09722b6cb05b818e4bbe5dd06a4aadf0

  • SHA1

    4acc06b00e83b599eeb9c58788abc5e4f496de44

  • SHA256

    b49ed69f5e3b822cab6670d6af77d41e2234e32a797165688f6470d7ec255b2a

  • SHA512

    025a7337fefe7cf50cf4f21c277a1ca63d4eb470113ba2a253fa1c8bb41f50d4e8d3f0531592b2c43e48a8ee98de76423bd09b3583b324ec2d19d878c2123928

  • SSDEEP

    3072:LQLmZuIPLyr7blrQStd3jUQdW6CTHeOO16ogZrssU4nYaI0y2:s+Ly/prQqz1QTE6dZrqaYfo

Score
7/10
persistence

Malware Config

Targets

    • Target

      RG928200002_2014_november_00000329320.023042490280.0324980000038-0000006.exe

    • Size

      176KB

    • MD5

      72fa9e74d45dda3085eafb77eb497b1a

    • SHA1

      536b13842b5c0ff70177c0c4fd80ce1ff892a15e

    • SHA256

      7a4e899fc05973c8d3fb596750fc1b848daad7cd2cc6cee2c8fb44977e39c45d

    • SHA512

      f5313d65269010038072e25e2ca6859a914a5db31815ee662def861a7809f6098fd25dc68c142efd5e0929e420221393e73aa77fbcd4ba8af4da95a73329737c

    • SSDEEP

      3072:zQnHNmI+yMkJR+Omz1C+cSQStd3jUQdW6OTHeOO16ogZrssN6wc+ga0Mhze:zwHBRtJ2BC+Cqz14TE6dZr5PQ

    Score
    7/10
    persistence

    • Deletes itself

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks