Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

a8022e0008...9f.exe

windows7-x64

8

a8022e0008...9f.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a8022e00082a8d24d4ad7ec9afc21502d3d554116f0b488fd145219257539c9f

  • Size

    173KB

  • Sample

    221202-w6723sfh7s

  • MD5

    a831df017d8ad6aea976eef21caf2b4f

  • SHA1

    b611550ba80df0c202b2ff1efd8d8fd3ecb29964

  • SHA256

    a8022e00082a8d24d4ad7ec9afc21502d3d554116f0b488fd145219257539c9f

  • SHA512

    1996fe7123868d0157fc9cd99f4f325b3a728e60a7b5ee9186824ae72d8fe755d6461b21adc414320ee1610ae40c51194f8152d9e0da6e68edd8831e172fc24b

  • SSDEEP

    3072:NuOm+LDsW55eB6fnRmjmcVyCtjgM+lWlpAkfnAv81lI7TNnAjbSReqDB+Qk:NL8W55OHyzlK2T6Kn6niDB

Score
8/10
persistence

Malware Config

Targets

    • Target

      a8022e00082a8d24d4ad7ec9afc21502d3d554116f0b488fd145219257539c9f

    • Size

      173KB

    • MD5

      a831df017d8ad6aea976eef21caf2b4f

    • SHA1

      b611550ba80df0c202b2ff1efd8d8fd3ecb29964

    • SHA256

      a8022e00082a8d24d4ad7ec9afc21502d3d554116f0b488fd145219257539c9f

    • SHA512

      1996fe7123868d0157fc9cd99f4f325b3a728e60a7b5ee9186824ae72d8fe755d6461b21adc414320ee1610ae40c51194f8152d9e0da6e68edd8831e172fc24b

    • SSDEEP

      3072:NuOm+LDsW55eB6fnRmjmcVyCtjgM+lWlpAkfnAv81lI7TNnAjbSReqDB+Qk:NL8W55OHyzlK2T6Kn6niDB

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Registers COM server for autorun

      persistence

    • Deletes itself

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks