General

  • Target

    6135beb7fbb464236364eea930de6ae63599767f73b9e30c2ea5120e1f71d525

  • Size

    341KB

  • Sample

    221204-r2lwtscf21

  • MD5

    c7cdb691e025d80891b6cdc2110b1815

  • SHA1

    f540dc134009a731da9d116b84a01831c638929c

  • SHA256

    6135beb7fbb464236364eea930de6ae63599767f73b9e30c2ea5120e1f71d525

  • SHA512

    2822bffd625440e7bb68f765ea9d149ad5717c71e1728a105b75ffa3bf131def304c029d1caa46f5cd54845d223dc5eca899bebb41577b1b5a27d1f65a146d71

  • SSDEEP

    3072:L1YEmvatiFxUi5h5cmk+t0JEC5ID3jMLXymlAjTI+TjLZDH6G11dRKi72s:xYeiIy1kiyEC5ID3j0ymlglLZuG1PZ

Targets

    • Target

      6135beb7fbb464236364eea930de6ae63599767f73b9e30c2ea5120e1f71d525

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • Suspicious use of SetThreadContext
