General

  • Target

    a9948b9d207375c838170f10d4d9f2b105c7c50161eb87302283bcc3252efe06

  • Size

    405KB

  • Sample

    221127-aq8g1sfe92

  • MD5

    3fab513ea72b66790a740640d373a607

  • SHA1

    e469c0f22b903886c630653fc03fb13874c79376

  • SHA256

    a9948b9d207375c838170f10d4d9f2b105c7c50161eb87302283bcc3252efe06

  • SHA512

    955a4c564bbf9a9cac798883aeb2df10b503375df6f5baa635a013e5130a8728a8b5c5883555d6c9ebe69b3daf8bb9f1303cb0ec393c1723a96549599e8aea2b

  • SSDEEP

    6144:CoUdF36jIOMPqT2uNLgGzuNQaQPzMqGOY+uoc4OERP493fLk:CoUdF36cOMiZ+QF7MqLck

Score
10/10

Targets

    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext
