General

  • Target

    b003e5021d31ff60e3a105c4cd440ab0.bin

  • Size

    140KB

  • Sample

    230213-cblqtaaa86

  • MD5

    9213efe9d1835e38dd65dea587817e68

  • SHA1

    663de07f3a6deef1ccbdfa10e94bfcd68bcb4cb8

  • SHA256

    af895e7f5882dca4a060926123ccf4106a2be04edb881f5f8ca478fc515430ec

  • SHA512

    692bf19a7e2fb6309d506c7aeb9cfd7141937ac6d5adf07b76d8d66f4a29a14b1f30ec8e88174ac4efef292520037a65ee10d76af3ceaeb11334354822753786

  • SSDEEP

    3072:eSCe7HtxlfUOkHrhmZ81lbnAvh8Kw+5UkM6+qWrNgimcOfAu8s:eSpbtrfURrhmZ81lbnAvh1UkM6+hDAGs

Targets

    • Target

      c39bdf652e6adff9831bcfb3fa9e0a420f38850641a45e49767a6202c64ee95c.exe

    • Size

      197KB

    • MD5

      b003e5021d31ff60e3a105c4cd440ab0

    • SHA1

      9ed273b0968780f2500372adc2036f8e8ee45c8b

    • SHA256

      c39bdf652e6adff9831bcfb3fa9e0a420f38850641a45e49767a6202c64ee95c

    • SHA512

      37ef1868a5cc68dad31707fc98fc8ea7f1219b77467b17ea07523717719cc88b14b4ff0f608e251c90272026a675680e07245db3edc281e9aa63daeb7e29f4a9

    • SSDEEP

      3072:tjqxs+0JyOa5Cs9eQkTwu6HnrzjMXhJ5hgMhk++7Y0ZdActG:tGyRPs9eQsdsnrzuJ8sj4rAc

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • Suspicious use of SetThreadContext
