General
Target: 9943588E9B315BD14F071F0DBAFE5EE9AE0124C5ED10AD53B2C6A463B3920D32
Size: 1.2MB
Sample: 230518-cdltlahb24
MD5: 373d1028ec4c73bfcc98bc67be2ba8f6
SHA1: 5a4d0d82b5b3b1d9a648c11acf21b3d877983a77
SHA256: 9943588e9b315bd14f071f0dbafe5ee9ae0124c5ed10ad53b2c6a463b3920d32
SHA512: d962cf760e10e6575a49df38ee3c53afd08b9e2501ac0d14ce3804e67608ffc522d992965c5d6aa33178b560cc074d6816e20fc6ca958d1af29ff03b8a92fe04
SSDEEP: 6144:Wj20IjUUXgrZc0YuiNNKrDtzo99bYRNMZo6Ku2qP9szt76JyOk:9NzgZ3YTTgJovbqNMHK32hJyOk
Static task: static1
Behavioral task: behavioral1
  Sample: DOCUMENT.exe
  Resource: win7-20230220-en
Behavioral task: behavioral2
  Sample: DOCUMENT.exe
  Resource: win10v2004-20230220-en
Malware Config
Targets
Target: DOCUMENT.EXE
Size: 306KB
MD5: a814dc37ac7cc706c662194585e4d2a9
SHA1: 912c6a6741476eea9621e4c71d3d7ab26ba54e5f
SHA256: 49479374e667e0897b7f9a742aea8a795dce57bd2cbb0ad5e601b8b28522f0f0
SHA512: 45cc9ea588eb30bd517d60dc749c15d5e4f12d66ca822eac8784e876209125570d61621880ac0206b3c852cf94a881a1c32d0613f315070ffc6f8acfc563ab2c
SSDEEP: 6144:Cj20IjUUXgrZc0YuiNNKrDtzo99bYRNMZo6Ku2qP9szt76JyOk4:BNzgZ3YTTgJovbqNMHK32hJyOk4
Score: 10/10
Checks QEMU agent file
  Checks presence of QEMU agent, possibly to detect virtualization.
Loads dropped DLL
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext