General

  • Target

    8db8828c288716a77908e48454765eb6a1fcd94ff1ba620c3295c80307934fdf

  • Size

    151KB

  • Sample

    221127-wq3sesge25

  • MD5

    fdf4e34e1dec16cf394670450b605506

  • SHA1

    310d15fe6b60c675d77bf255f51d4723738bef67

  • SHA256

    8db8828c288716a77908e48454765eb6a1fcd94ff1ba620c3295c80307934fdf

  • SHA512

    abcca97aca7007e60b9ded9c5565d89b757ac8ac1f4317475a553d6795137a424f44fdd62d8de565e512ac52482af090465e9a590689e3f156be54ed32a26edb

  • SSDEEP

    3072:25dPwqg43yjc8eFaCWw5XT25K2+C9ggR6bgraahtN4i:Kz3n8QaC+5K1CGgR6WaahtGi

Targets

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • Executes dropped EXE

    • Deletes itself

    • Legitimate hosting services abused for malware hosting/C2
