General
Target: 23ac589b6f73b49d983c7bc11a844eff.bin
Size: 1.2MB
Sample: 230518-q2z8sabd94
MD5: 23ac589b6f73b49d983c7bc11a844eff
SHA1: 8e1e089570f581156170c337c1a9662b5f4541d9
SHA256: cff95e5e1d6c497b0262c0f9cfc62cdddde0ae225e485bb866d105d5529bb1b9
SHA512: 400678a012743c176d011284647e3b09a29069b9447765b4741f8255b6a81aa65490396c6c8becaab36195fbc351508a8a7dade83f5162118db43946483aefa3
SSDEEP: 12288:WEu4mI4d8CgrgCQvQyflYebLk0oLydotPuq:eJ6veJflYeHkQdIuq
Static task: static1

Behavioral task: behavioral1
Sample: ORDINE_0.exe
Resource: win7-20230220-en

Behavioral task: behavioral2
Sample: ORDINE_0.exe
Resource: win10v2004-20230220-en
Malware Config
Targets
Target: ORDINE_0.EXE
Size: 518KB
MD5: aa301dc0c7fdbb92f975d9eb7e8bdd99
SHA1: d328bf1f349b89a881c14e1a7d6e5263801f2263
SHA256: 6c06c5e878ce129c3260c2fa7869410c5aa9cdcd0e929933c221e4e847df4376
SHA512: 83fb6139762b3e1930e185d5e59da5c9781768f6c3ff8f8725631a779ba8a075c098c78e7155855aa5ed1f995606a2d211db0881f47081a334b733dcfb9280a2
SSDEEP: 12288:tEu4mI4d8CgrgCQvQyflYebLk0oLydotPuqB:pJ6veJflYeHkQdIuqB
Score: 10/10

Checks QEMU agent file
Checks presence of QEMU agent, possibly to detect virtualization.

Loads dropped DLL

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

Suspicious use of NtSetInformationThreadHideFromDebugger

Suspicious use of SetThreadContext