General

  • Target

    file.exe

  • Size

    240KB

  • Sample

    221231-2rnb1sea2t

  • MD5

    35817a81791ad31cb6aea5d412416519

  • SHA1

    c1dc83a9d6bfc1be7a1fd31ad3388c0187debe5d

  • SHA256

    413dfa98d485fb9cf21af75dc88475fd55176fbd3f9fae020ec26fe1b095cccf

  • SHA512

    f31561e29b6b2a0b0289745b6ced9aa248aa58718edebdecdbfb81ad3c97741269c1976e8faf7a16add46aeee0f7610e0543f1a6c38c43d67070f9ab89af7598

  • SSDEEP

    3072:rX5fqyL/3/sidC9YU15Z2xcJv0R9uDC54Omqg727hZY:DRLhdC9YEuRgDMsnWZY

Targets

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • Executes dropped EXE

    • Suspicious use of SetThreadContext
