General

  • Target

    802a0abf5dfd3deb34fbaa6f4cae4356ffc86334c638eeb42c71eae0a6c86bcf

  • Size

    198KB

  • Sample

    221201-c6n5esbf9y

  • MD5

    bb9bb897a67da737ae11ea81bb9c807f

  • SHA1

    3127242826284b96d9b3525a2ced26e548b8aad5

  • SHA256

    802a0abf5dfd3deb34fbaa6f4cae4356ffc86334c638eeb42c71eae0a6c86bcf

  • SHA512

    7bb2d69db29190cb23773abda9e7a6e0766d094e1a499c570a6543e336bae5aa694958c66c540b45d3820aceac4276a353187805bfb8c2904443d2310b8359e9

  • SSDEEP

    6144:zW2ItDJivfUzoJZmLnByyYZuhcdeovKA8ZUk:z2iHU8aLBy4cdeob8Zt

Score
8/10

Targets

    • Target

      802a0abf5dfd3deb34fbaa6f4cae4356ffc86334c638eeb42c71eae0a6c86bcf

    Score
    8/10
    • Executes dropped EXE

    • Registers COM server for autorun

    • Deletes itself

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext
