General

  • Target

    file.exe

  • Size

    316KB

  • Sample

    221223-c1vp1sff78

  • MD5

    f888a176a38549cc9c0bab4424a8fffc

  • SHA1

    1631251a261638c4e6af5908c16bdb27351c7d42

  • SHA256

    2ce5142469202d7bce3b0a656511679d82e61d3e1a125ad968a7f917bb7f872e

  • SHA512

    c07f70dd4cd3e347bf5456e11e8d1da8f6d08c168dabeb94c0423dfae60c649462b9a3d65691c4166b3a1f2de5e43d3165f057c0a338faf4434b3c361fe7853f

  • SSDEEP

    6144:kpLutLEANOntKSCJG9E0WtehpRR0cSpQTtyzsduHNIv:kpStL1NOt7elgLRR0TCtyYduHNI

Targets

    • Target

      file.exe

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • Suspicious use of SetThreadContext
