General
Target
b2989e35351b59cd09af94f5c34a219c62c3a9dadd916388e383b3cf1681784c
Size
636KB
Sample
221201-2twfeadb2z
MD5
3e3ac2ff48513319876755fe2c2c1fe8
SHA1
99df28eca91c0b81967854c315d3b3a73aa1abfa
SHA256
b2989e35351b59cd09af94f5c34a219c62c3a9dadd916388e383b3cf1681784c
SHA512
12876a928464ae56321206a3c84d03b4b7e37c66ecf88769b3fd389140bbcb3c91fccbeda53e8a7f4f6a713b4a169719e215ebdf7639e0e51c7168a3de17e155
SSDEEP
12288:581Hly64AJKNGsctdkzsxiQDw5KF/vovC4Utfk5KO2VC3vc4N58:5Gly64vGNcLQ85KFXovCOIO2VCZs
Static task
static1
Behavioral task
behavioral1
Sample
1.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
1.exe
Resource
win10v2004-20220812-en
Behavioral task
behavioral3
Sample
ppi.exe
Resource
win7-20221111-en
Behavioral task
behavioral4
Sample
ppi.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
Target
1.exe
Size
675KB
MD5
a2c8cbb73fea7bb34c92911d840d5508
SHA1
19d30711500ddeb81f14dd920421b2e7d7ed8e52
SHA256
d1bb60fd0965793e028ae7035157079f7b6c79165b40d75e7cf37c95ff08e642
SHA512
1756774b8b4256e45710d736ef3c86c195618f172c4a1c7c75f2142599bf17660abb918a056bdc795b7103e6b219fec1b0bedc85e0ccb244007e26a44e3c5b9d
SSDEEP
12288:D3WwcUo888888888888W88888888888/6LjdjDk33NwSH+aF+vkvC5rtTk5KODWa:TPcj6LjFS9jF6kvCUIODWkUM
Score 8/10
Executes dropped EXE
Loads dropped DLL
Target
ppi.exe
Size
364KB
MD5
c16a58796b7d10ea3e812e7e55c274ee
SHA1
ea985f6d2ac90fd652f298a3183166ce2b1a58e1
SHA256
04f804ae6a9bb208121454bc909a212b272c92adc1c1d24353e08320a3485646
SHA512
f51d5c33d3254bdc3d9b950c95f832a758c2ba4575ef474638f361dd740b84781cf3333130d3797e0fe4aa539a5bebe6f5e7032c99d5cd12fa555f80047c2f65
SSDEEP
6144:RqxjFV8M94cGTy5SPakDDQjqlFMURWxrSzZmz4:A74bAwVMMjmz
Score 5/10
Suspicious use of SetThreadContext