Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

8

c1e97786db...cf.exe

windows7-x64

8

c1e97786db...cf.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c1e97786db3e715c619c693c999e64f3999d34d9739bb738bdc20d2cf276f0cf

  • Size

    297KB

  • Sample

    221204-prvpwahf66

  • MD5

    8b3b917ae185bd8d11e6d3701122b2f5

  • SHA1

    4e9f92e82a2f93131f6196aca11031b111c62965

  • SHA256

    c1e97786db3e715c619c693c999e64f3999d34d9739bb738bdc20d2cf276f0cf

  • SHA512

    e7d253f78580396e9ce186bcf999da8956016010f23bd5fa03ff4f1a2dbe0c8dff136ef32d8e05680370ba1b1284a22ffd9a0c75c18022457fd7296716fd70c7

  • SSDEEP

    6144:VcN8VUCEz65mSt1IdDQPGKT4m29fLC+uaMDtBDSDxexPwE:VcYUxz65mSQdsPGKT/sCvaMDtBuNedwE

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      c1e97786db3e715c619c693c999e64f3999d34d9739bb738bdc20d2cf276f0cf

    • Size

      297KB

    • MD5

      8b3b917ae185bd8d11e6d3701122b2f5

    • SHA1

      4e9f92e82a2f93131f6196aca11031b111c62965

    • SHA256

      c1e97786db3e715c619c693c999e64f3999d34d9739bb738bdc20d2cf276f0cf

    • SHA512

      e7d253f78580396e9ce186bcf999da8956016010f23bd5fa03ff4f1a2dbe0c8dff136ef32d8e05680370ba1b1284a22ffd9a0c75c18022457fd7296716fd70c7

    • SSDEEP

      6144:VcN8VUCEz65mSt1IdDQPGKT4m29fLC+uaMDtBDSDxexPwE:VcYUxz65mSQdsPGKT/sCvaMDtBuNedwE

    Score
    8/10
    persistenceupx

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks