
Resubmissions

26/12/2022, 02:17 UTC

221226-cq1taafe7t 8

26/12/2022, 01:37 UTC

221226-b16lvafe6s 8

26/12/2022, 01:34 UTC

221226-by65lacd25 8

25/12/2022, 04:48 UTC

221225-fff8nsbb39 10

General

  • Target

    97c5a2a43d3d301f94d6226e60e12b08f04ce416ba2d1b93fa98b26fa9783e12

  • Size

    1.6MB

  • Sample

    221225-fff8nsbb39

  • MD5

    5015b3096f5bf7039c82684c2d88bf2c

  • SHA1

    24aada32e2ac068d737866b6561e64a20f10f65e

  • SHA256

    97c5a2a43d3d301f94d6226e60e12b08f04ce416ba2d1b93fa98b26fa9783e12

  • SHA512

    808031a37f169702a6e495bbd7597a8a2dd6c7e0d9690d35b4b822aff59987db5674bea0a2da042343313463860f8ef987276a8f92fc670b541e091c99f5045b

  • SSDEEP

    49152:g2LdRphDBhCTGFMWDumigm0pCiO5BAD70TfhxWYAhiISV:g2JRphjZM2UCGrIm

Score
10/10

Malware Config

Targets

    • UAC bypass

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6
