General

  • Target

    b858414f82da91b44da1734432929660a2b866f5a424d88d4f60b6c0ffba9319

  • Size

    456KB

  • Sample

    221128-dap8aadg4t

  • MD5

    55b8bd9e2420f79afb0b3e1dd8a33076

  • SHA1

    94ab22b20ae4035cc3d57744883e8c31eef4188a

  • SHA256

    b858414f82da91b44da1734432929660a2b866f5a424d88d4f60b6c0ffba9319

  • SHA512

    5a126991b073432d53504dd97c7404bac0bdb784662133b1aae44d52a255b0923c60cbd96505d16de8dab140470b5519a975d8b753f0ea24f9271071ad0925d9

  • SSDEEP

    12288:nykzrbETClqHskFgFwIyXCDf6yTy6rLhnfOWEeIc4Yh:h76CsskFgqIyXNMLhZtMY

Targets

    • Target

      b858414f82da91b44da1734432929660a2b866f5a424d88d4f60b6c0ffba9319

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • Executes dropped EXE

    • Deletes itself

    • Accesses Microsoft Outlook profiles

    • Suspicious use of SetThreadContext
