Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

8

�...mp.exe

windows7-x64

8

�...mp.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c28e7a0d3d99a6e69251627e79038458044c6648bf469ee9920b0e72fbf58036

  • Size

    811KB

  • Sample

    221127-fgqhqsed7y

  • MD5

    e009ba2c38cd1954c0b6050c02ee9318

  • SHA1

    aa6644a241d7553684f1609f627ca29afd801465

  • SHA256

    c28e7a0d3d99a6e69251627e79038458044c6648bf469ee9920b0e72fbf58036

  • SHA512

    8824a0dd8147a418874035bbac701309e70437155e6eba8a5688b728c1f569bd23b6c4f1ad59035161c0acfcb38377914d6952b34d656175af22db99e18e8b5e

  • SSDEEP

    12288:MoaDgfZuD4+NiN3xWAhTF+IXXCdhvFX5Z4lbU19M8MNfNjxLvP3kBqvTjcXwdf:MiqNU3xwInCdhvybUP2NVbfksGwdf

Score
8/10
vmprotect

Malware Config

Targets

    • Target

      1224AѰ/JF.vmp.exe

    • Size

      1.6MB

    • MD5

      a6779bcea538003f234cac9eda5c3e11

    • SHA1

      1c9cf5ddf8bb677bdc72504a0d4afca2ae5da129

    • SHA256

      760446230a6d19e2708219c926b506dac5ed1670c12da8d0ee85c81f589de70b

    • SHA512

      e6a68037cb66d7dd698eb82c6db3d79a102456746f891d7487965c62b7b2cf477bd24761df86b7388fa04c0bfdb9762c0cce5e1ddd2bf372854f27e7b67e633e

    • SSDEEP

      24576:nJqq2Ry+SADTkKQMLKugr58pyoUMvq8+9fykbPhbcm/KK9avA/elBql:nUoSLK163U0bkbeGNIvRP

    Score
    8/10
    vmprotect

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks