General

  • Target

    file

  • Size

    195KB

  • Sample

    230214-dzvt3aad45

  • MD5

    6b8d09fc5b23d9a3b9fdde8b205a00da

  • SHA1

    e20aa7580f3baa89531dc8b86ad83a71b8ce9b12

  • SHA256

    fe9dacb7f9220c1276cd630fc69b6e28300886424795880f12b315308c9284d7

  • SHA512

    0fd5c1ea55dab5e6a0036bc83d1d7bfe8bf8d81ec7d8c2cae0fdb248f43d12e91e15508d7e733d423a33854f969392be8217dcf6a72ade0919add37e91905fe3

  • SSDEEP

    3072:OJvuIa5zNmGoFJOMqB+EHqo4aG8QQVM7CbLVUSd+usewo0/zEX:OIDNxPRB+EsxZQVaCfVfd+tzzzg

Targets

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • Suspicious use of SetThreadContext
