Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

ihre_telek...02.exe

windows7-x64

7

ihre_telek...02.exe

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6d273bfaf4339e6d40c9b0ebfdc9818d746f62ce71c6e0a34d45e75408a4734e

  • Size

    120KB

  • Sample

    221128-csd3asce2z

  • MD5

    7ad3059316e4cbb2921b492fd86972a1

  • SHA1

    48da47ccea7ebba1aaff119fc257efb58c9cb904

  • SHA256

    6d273bfaf4339e6d40c9b0ebfdc9818d746f62ce71c6e0a34d45e75408a4734e

  • SHA512

    26cadf042b038b43720c39327782f81d379b313f88d52bd42b1338e1fe8fab2f14cd529be5557a4a2019cf7bf730c988b186babc099c72f787a0d02a8f88f036

  • SSDEEP

    3072:74EjpQT7UkF/4faxa6keLTCYAo4RaHOP6AU59cvHa3H:7nQXU+2axBnPC3o4ROOybCC3

Score
7/10
persistence

Malware Config

Targets

    • Target

      ihre_telekom_mobilfunk_december_2014_8320002103_12_01_910238002_1_9_3_7_001_002.exe

    • Size

      144KB

    • MD5

      165e0668c9007305f4335ff6ed4c9854

    • SHA1

      b8ff03c73b8df5f9a840378b6862c39bd2b5eb5a

    • SHA256

      9bfb04be2ce0a624be8edc3666d93686b73ead053644430876047c4a88862881

    • SHA512

      a0232ea13fc9e30b9fbe89cd865a608ddb5137d03642ccb9674bfb8cd12590ac8560f6f6adc0ef2ee6040e50216f0abc1110d7d457b468534649eb2de8e5984b

    • SSDEEP

      3072:UT6NN25fPi/Xaxa6keLTCYAo4RaHOP6AU59ZvHa3B:5fMXi/XaxBn3C3o4ROOybLCR

    Score
    7/10
    persistence

    • Deletes itself

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks