General

  • Target

    e3cc54e5d99715a303d8d1f132d41b74.bin

  • Size

    131KB

  • Sample

    230217-b4865scg3t

  • MD5

    7e16bde64b88a27df40e2f2496a86022

  • SHA1

    a3bb001d77e8fb79c1d77f9475a081057e2a04b4

  • SHA256

    13f9ac6e33d48265ffd25ab2771999227fb5d62bda69ef703bb03a731d931228

  • SHA512

    fdfb14335b864ff6f8a2057f75c336e69f60f66a3d437b3979c60f398aff9a939531d2164cf0037d95986a44b471de029b51b07c53f98490b56f1ae8bc70959a

  • SSDEEP

    3072:gyrwcmzzPdJmhsbKQUGWVaGCkvBtbsFl/AU3j/JNE2qX6oAURPS1SOygD:gT6h2KjykvDsFfzBO6oFRPS1ryO

Targets

    • Target

      4ebbc65cd30575e8038548f3c177561effa9a09c53eb3d48378dbc9c02424de0.exe

    • Size

      189KB

    • MD5

      e3cc54e5d99715a303d8d1f132d41b74

    • SHA1

      07446a740b9efe1e9f435f4fed17279764ccc27a

    • SHA256

      4ebbc65cd30575e8038548f3c177561effa9a09c53eb3d48378dbc9c02424de0

    • SHA512

      be61efcb91ed7cfe9576dd4eeb6aa3d85ff98bf9d2520724990985d41d3e0be4d6cdeffaf2131e49520befb85238f8a8243150a67d829a612cd2aa36b212a9de

    • SSDEEP

      3072:MHu4cC9ZyKds25YwFfzeefYucmYv6ueIRXp+Q6aaaauDUW:mVcCyKdsskefArX+Q6aaaa

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • Suspicious use of SetThreadContext
