Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

83baf992a3...14.exe

windows7-x64

8

83baf992a3...14.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    83baf992a37a10a99b6f5cfc9b9ae2600fff57248fb584590f8c04fc9c52c614

  • Size

    168KB

  • Sample

    221129-hhavsahd8v

  • MD5

    ecc8daa9c96bd99c1419ebeea32b1b67

  • SHA1

    c3f4924a4f5e03f9016381869e9d1b7e35a5d5ec

  • SHA256

    83baf992a37a10a99b6f5cfc9b9ae2600fff57248fb584590f8c04fc9c52c614

  • SHA512

    cfd64fc43dba20252db55e2f11c107aed10ff3ace8500f7dd679f1ca75d149f39cbd5669fb2dfdb2c7cb9326e000a90800866724057a924174b4c888fadfd60f

  • SSDEEP

    3072:7Lg95BKAUeKMKk4oIOA2CY1Qrz4+JSVwGj9vjjZ4FKtkN6EWwKXWH+/snyJs/xuz:7Lg95tUbk7IOFyrcHVwGJLl4FJN5SmHt

Score
8/10
persistence

Malware Config

Targets

    • Target

      83baf992a37a10a99b6f5cfc9b9ae2600fff57248fb584590f8c04fc9c52c614

    • Size

      168KB

    • MD5

      ecc8daa9c96bd99c1419ebeea32b1b67

    • SHA1

      c3f4924a4f5e03f9016381869e9d1b7e35a5d5ec

    • SHA256

      83baf992a37a10a99b6f5cfc9b9ae2600fff57248fb584590f8c04fc9c52c614

    • SHA512

      cfd64fc43dba20252db55e2f11c107aed10ff3ace8500f7dd679f1ca75d149f39cbd5669fb2dfdb2c7cb9326e000a90800866724057a924174b4c888fadfd60f

    • SSDEEP

      3072:7Lg95BKAUeKMKk4oIOA2CY1Qrz4+JSVwGj9vjjZ4FKtkN6EWwKXWH+/snyJs/xuz:7Lg95tUbk7IOFyrcHVwGJLl4FJN5SmHt

    Score
    8/10
    persistence

    • Registers COM server for autorun

      persistence

    • Deletes itself

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks