Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

de_0000239...98.exe

windows7-x64

7

de_0000239...98.exe

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9c0a0d3fcf81863693c5659c71c9e7eb10fe1005715b79c318adf579e7c3f4fc

  • Size

    117KB

  • Sample

    221128-d9215agd21

  • MD5

    f5000cd3726347ecdd4e59f9c9a3f64b

  • SHA1

    7490029832e6a6fac1f98c3aad1696589be4bed5

  • SHA256

    9c0a0d3fcf81863693c5659c71c9e7eb10fe1005715b79c318adf579e7c3f4fc

  • SHA512

    0a0705db35efb096d3cab5eadf6b1fcff126a15ee92972b8821dac47eef358547b19a99f9f37fb6b2600782defe38d17f3d90b0566e7b5009e7a6db908c45499

  • SSDEEP

    3072:onvn2tfgXxN7yAvJlIK08RVIizYafFikD1aC1GIAy:oetoXkK08RVL0+FiGf

Score
7/10
persistence

Malware Config

Targets

    • Target

      de_0000239029_rechnung_scan_hp_28_0000000904_page_2_10_01_05_id_00291002098.exe

    • Size

      148KB

    • MD5

      cf8a95fdfdac0838c986c0bf0d3e0644

    • SHA1

      dfb8489d7fa3486e89af729eb60241e7611b1b92

    • SHA256

      caa59a2cbbfed250b7f776e36907a17710c12cdcf2bd8a04ec7a4f3be8125e29

    • SHA512

      7739e52ec9eb778664cf151e16d5b29496ed875431cd3cf4b6924dba992d280dc1769a38ecf63c4601a24a3e0460629afce64611427cd9b90b45a436bdc58aae

    • SSDEEP

      3072:ssKHHVQIy7lIK08RVIizYafDikD1a9InMv90VG3F:7KKAK08RVL0+DiGhnMFyG3

    Score
    7/10
    persistence

    • Deletes itself

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks