Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

2761ead814...2b.dll

windows7-x64

10

2761ead814...2b.dll

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2761ead814f321b5a5e1d1f51c0e0a28063810d253c2722512667a13b723b42b

  • Size

    472KB

  • Sample

    221204-cx37zsdc9w

  • MD5

    d65db2e450b05e2d639f3a680b6b7830

  • SHA1

    56935ce9001c2a31a573fdf2a7c6bd9cb8a43bc1

  • SHA256

    2761ead814f321b5a5e1d1f51c0e0a28063810d253c2722512667a13b723b42b

  • SHA512

    5b127445307aa094d39aa019966a2222f3a130465d98c205634c7706ea8b1618a392591dd0cd0c2bd51b4cc0c1480ef1b28e769ea1ae6880da73064c376bac99

  • SSDEEP

    12288:sehnaNPpSVZmNxRCwnwm3W3OHIIf5Rm8iV:seh0PpS6NxNnwYeOHXX7

Score
10/10
ramnitbankerpersistencespywarestealertrojanupxworm

Malware Config

Targets

    • Target

      2761ead814f321b5a5e1d1f51c0e0a28063810d253c2722512667a13b723b42b

    • Size

      472KB

    • MD5

      d65db2e450b05e2d639f3a680b6b7830

    • SHA1

      56935ce9001c2a31a573fdf2a7c6bd9cb8a43bc1

    • SHA256

      2761ead814f321b5a5e1d1f51c0e0a28063810d253c2722512667a13b723b42b

    • SHA512

      5b127445307aa094d39aa019966a2222f3a130465d98c205634c7706ea8b1618a392591dd0cd0c2bd51b4cc0c1480ef1b28e769ea1ae6880da73064c376bac99

    • SSDEEP

      12288:sehnaNPpSVZmNxRCwnwm3W3OHIIf5Rm8iV:seh0PpS6NxNnwYeOHXX7

    Score
    10/10
    ramnitbankerpersistencespywarestealertrojanupxworm

    • Modifies WinLogon for persistence

      persistence

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

      trojanspywarestealerwormbankerramnit

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks