Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

8

b0bc1edee9...8e.exe

windows7-x64

8

b0bc1edee9...8e.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b0bc1edee90f531e87fd46fa4729366c5e4cd46507f98f8ef97188fca8f45c8e

  • Size

    216KB

  • Sample

    221203-qjzvasge6z

  • MD5

    79b58f50dc76ec667a996e8fe2af3d14

  • SHA1

    b68a4cdfc2093955b6692b10c7a5888e6c695d1c

  • SHA256

    b0bc1edee90f531e87fd46fa4729366c5e4cd46507f98f8ef97188fca8f45c8e

  • SHA512

    dce0e40b98c62bfadb3dc2c7964465d8dd1bd03b0e8bd817ebca9c7ebdc6a19a56890b1d5d505967fcb563446718c507b1bc6afee16343d18f5b6e48e3b8c74d

  • SSDEEP

    3072:+37TFytkq+usgdZRK3w4AkF3M1NToHtbrZf:+37ctlO+P4j3ST4tbrZf

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      b0bc1edee90f531e87fd46fa4729366c5e4cd46507f98f8ef97188fca8f45c8e

    • Size

      216KB

    • MD5

      79b58f50dc76ec667a996e8fe2af3d14

    • SHA1

      b68a4cdfc2093955b6692b10c7a5888e6c695d1c

    • SHA256

      b0bc1edee90f531e87fd46fa4729366c5e4cd46507f98f8ef97188fca8f45c8e

    • SHA512

      dce0e40b98c62bfadb3dc2c7964465d8dd1bd03b0e8bd817ebca9c7ebdc6a19a56890b1d5d505967fcb563446718c507b1bc6afee16343d18f5b6e48e3b8c74d

    • SSDEEP

      3072:+37TFytkq+usgdZRK3w4AkF3M1NToHtbrZf:+37ctlO+P4j3ST4tbrZf

    Score
    8/10
    persistenceupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Deletes itself

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks