Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

SC_TR11670000.exe

windows7-x64

7

SC_TR11670000.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2987B4630C713DD9130774774094DC0D7C31D2A83EAB1D4EB5F576078E1D2FE2

  • Size

    271KB

  • Sample

    230518-rynk9acf47

  • MD5

    3908adda2d83cec2df31487615b0c22d

  • SHA1

    ebae3779d53c712ab0ab3126d17c64d0e54e2c3b

  • SHA256

    2987b4630c713dd9130774774094dc0d7c31d2a83eab1d4eb5f576078e1d2fe2

  • SHA512

    9b006cb6ef206077802aa4e1457c825b3de3d74d8384a250d6ec4a3559e9205d6263dfc19e9c3bf2d0cb5c99e72a9a11d7bfbdd5407da036cb19f33b3acf92a3

  • SSDEEP

    6144:U6OE29QnPUD1IWRjn7p3jazGh8JZTPi8+J28TQLNjfGT:U6VUpNNRjNC/TPUrT

Score
7/10

Malware Config

Targets

    • Target

      SC_TR11670000.exe

    • Size

      322KB

    • MD5

      ae7a2ace2bcc840b5130ed781d2685a9

    • SHA1

      d74ea879eeccb09f50807d74b932b94239d29327

    • SHA256

      3519183ff6f4754f9363e87fa4252ad739537b6d02f18496529ba5cc142ab2c8

    • SHA512

      38f6b7c56770574e7415f746eb13a694a50e7dbc22b9fd8f9e99bafb02cb684d03350e3d6fdbfd418cd536134138162c5a6fdc6278f65d8a8312613fabc79868

    • SSDEEP

      6144:3Dk8ZHsVtVQXmGptlYS6MVinNuDRLjr65k1qhnEfaGBroIbvB4a:AxVtEptG7NuDpjw0qBEyurh3

    Score
    7/10

    • Checks QEMU agent file

      Checks presence of QEMU agent, possibly to detect virtualization.

    • Loads dropped DLL

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks