General
Target: 2fe97c1cb597d1812cfefe11ce2327da3d18e3cc16bacf38512db1cbd53570d5.zip
Size: 17KB
Sample: 230516-zhhztsce42
MD5: e8a484eb1befb65a8fb0920037e22ddc
SHA1: 73ac946e66b4e6bdad1743de522cc5a26b3e8de8
SHA256: 52a898f9c3174c252ef1745e353a49aa898fe99122720bf33126644c319c8df4
SHA512: 6a0e28940b8225bf46ed80624dc40241bb9b8d1b71025790bb0ce7207f73e6021773eb40e2b4025d3007ed1ac1f7b104f4b145ed0d5cf2ed09222266be152d94
SSDEEP: 384:vL77A60nSvb+7kKgXJsC3f13TZfJte4WPOHbf3Z3G/fOXlmFAuJyvy2:DQ67+DgeC3f1DBG4QOf6faUAuUt
Static task: static1
Behavioral task: behavioral1
  Sample: 2fe97c1cb597d1812cfefe11ce2327da3d18e3cc16bacf38512db1cbd53570d5.ppam
  Resource: win7-20230220-en
Behavioral task: behavioral2
  Sample: 2fe97c1cb597d1812cfefe11ce2327da3d18e3cc16bacf38512db1cbd53570d5.ppam
  Resource: win10v2004-20230220-en
Malware Config
Extracted
revengerat
NyanCatRevenge
m7.ddns.com.br:5222
30c2ac3031a0
Targets
Target: 2fe97c1cb597d1812cfefe11ce2327da3d18e3cc16bacf38512db1cbd53570d5.ppam
Size: 19KB
MD5: f2c6f5b43d73d91bb9eb0de2812ff7cb
SHA1: d4dbf0af4bfbd0f6ce0aadb9dcbbc30cebf36aad
SHA256: 2fe97c1cb597d1812cfefe11ce2327da3d18e3cc16bacf38512db1cbd53570d5
SHA512: bd2abddb6f66c5f104925d48d6499ed336e52b43829ee42595f00382c69dccb4398822c8df565c31a44ea9fe12dc4fc31c953652a4698bdf6fbfa96df304a82a
SSDEEP: 384:dXPWGaYOMHEG4upmXuB44OPJ8GfkXjedXRMx+CI/tQiZlyszuCqo9NRrccG:VPWGNO7kpme64C21Xjc2xXI/XTys6ARk
Score: 10/10
Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Suspicious use of SetThreadContext