General

  • Target

    NTLite_setup_x64.exe

  • Size

    23.5MB

  • Sample

    230527-vn2a5sce47

  • MD5

    391907fdc98797abccc1718767f736ef

  • SHA1

    7471f0c2be722b6943f70cd1e16b8051d6bb195d

  • SHA256

    64a6b8d85dcbe4a5a30d8cb381778043179cadb3044e7d3d418a9aebb29b360b

  • SHA512

    76ecb4d249af88fba9753b278d1cb750603aa93c6c36e0ba02ab1b5680407d287c59a696f8b29f50732ebaa4a7f5b203f9ff72aa1c2ce0b4b9d0004c15848a90

  • SSDEEP

    393216:pul8cgRtT0C6zhmTodWoDPJMr9a9zKNuHjRCLoyAzveL:pZcgRtIpzhmTaWozJr10Loywvg

Score
7/10

Targets

    • Target

      NTLite_setup_x64.exe

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
