General
-
Target
356c1b7171d6aba40a1dd434d6a4b1ea810847be9b741d23c3be72aef4e1a036
-
Size
176KB
-
Sample
221206-bmwvgsea78
-
MD5
14fe2c844616c7685a3a2601c7884794
-
SHA1
3d00e6dc7dd4ccd82bf0b4e74cc9b797647b4c7e
-
SHA256
ed14486603cc232368e9b0650bd90163bbeec4f068aa4722926b0c4bf8683335
-
SHA512
804cd9d2b980cbf6b5645ca149076757d571f6975e0ae601cb2cef808549505f6f8bf44fef0a2c87c58b026b04e57a98d2e15c8dcb62f2856d6d513f941ec32a
-
SSDEEP
3072:Rmor9OlCc02OA83aBFMaHl4eIwJ+6+Owsbe7blHf8SZeZaEmX+bPaQoVARETb/C:IorgCc02OArBSeIlawF/ZeZDZboVAREa
Static task
static1
Behavioral task
behavioral1
Sample
356c1b7171d6aba40a1dd434d6a4b1ea810847be9b741d23c3be72aef4e1a036.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
356c1b7171d6aba40a1dd434d6a4b1ea810847be9b741d23c3be72aef4e1a036.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
356c1b7171d6aba40a1dd434d6a4b1ea810847be9b741d23c3be72aef4e1a036
-
Size
274KB
-
MD5
9b06106ec7ddfd36fe6092c40dd042d7
-
SHA1
b966830e4ff4cfb180810f4bf461cbab1c42be61
-
SHA256
356c1b7171d6aba40a1dd434d6a4b1ea810847be9b741d23c3be72aef4e1a036
-
SHA512
e48b1d47ac5af6a8602d59083e206113c774b2b06af0a3a21cdebb120f4511c1dcdec801e0352bda1e872c924c99cd8c41316cf45cc8c2cb77c508b7085443ef
-
SSDEEP
6144:8ZexVJOnbkxGFPKKK4awFYh5wIDcudniiJVS:8clMbaGLa7DcudniiJVS
-
Detects Smokeloader packer
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-