General

  • Target

    file.exe

  • Size

    260KB

  • Sample

    230114-dt6z5sdb4t

  • MD5

    8dd7b8847ca62948271c0ca8337e0ea8

  • SHA1

    d57305487a10efbe9ceb289aa3cfd321bb441e37

  • SHA256

    cdd4ad75553bf6d0221d92109a38a6d30df3bcb2b09b6f0ac43d380e66621954

  • SHA512

    94857a53c5e3e5445e8bf13b66ddc6d0b9f5d918e47a77c1d4a60c4709480296aab20aa3c695a2c650e92c973d91074050ed5be3decfdf9fd7451f567e7dd9f9

  • SSDEEP

    3072:KXmxUC4d5Vokvx4Y2Xg6biUbxhxIEl8apb8pBI8jwWRjoV:qBBx4JFppgpRjFE

Malware Config

Targets

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • Executes dropped EXE

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks