General

  • Target

    6b938ebdcbd1816155cdae3f5c344edc.exe

  • Size

    101KB

  • Sample

    230601-vmd48afg71

  • MD5

    6b938ebdcbd1816155cdae3f5c344edc

  • SHA1

    703a0c0366f22cc4a226edbbb7e6b548e70bd116

  • SHA256

    5a6fcd8d7424e809ecba56916e4481fa47b86cd4f5e75248caee1028ff4b955c

  • SHA512

    f53202bcca4f30805634f1f8de6b6f9089bc2e18fca453ffab85f3351fcc343962774caac6abeb053c781c6e1740a860fff538a86fc1e8487d408242d6c73acb

  • SSDEEP

    3072:KdhJVZbIUqVA1kLOnf9LGQGkyNgAJ9pZ+Gu:fn94tjtAJ9pZc

Malware Config

Targets

    • Target

      6b938ebdcbd1816155cdae3f5c344edc.exe

    • Detects LgoogLoader payload

    • LgoogLoader

      A downloader capable of dropping and executing other malware families.

    • Sets service image path in registry

      Writes the ImagePath value under a HKLM\SYSTEM\CurrentControlSet\Services\<name> key, i.e. the binary the Service Control Manager will launch for that service; a persistence indicator.

    • Uses the VBS compiler for execution

      Launches vbc.exe, the .NET Framework Visual Basic compiler. It is a signed Microsoft binary that loaders frequently start only to host an injected payload, so a compiler process spawned by an executable in a user-writable directory is worth flagging on its own.

    • Suspicious use of SetThreadContext

      SetThreadContext is the call process hollowing uses to redirect the main thread of a suspended child to injected code before resuming it. Seen together with the vbc.exe launch above, it indicates the compiler process is the injection target rather than a real build.

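The three behaviours above form a recognisable chain on the endpoint: an executable in a user-writable path starts vbc.exe, and the same process writes a service ImagePath. The following is an added detection example (not part of the Triage report and not the sandbox's own signature logic) that correlates those two observables from Sysmon-style process-create (Event ID 1) and registry-set (Event ID 13) records. The SetThreadContext call itself is not visible in Sysmon, so the hollowing side is inferred from the process tree; the sample events, the allowlists and the field names are assumptions constructed for the example.

```python
"""Correlate vbc.exe launches from user-writable paths with service
ImagePath writes, per process, over Sysmon-style events. Added example;
the events and allowlists below are constructed, not real telemetry."""
import ntpath
import re
from collections import defaultdict

# Assumed allowlists: tools that legitimately launch the VB.NET compiler,
# and processes expected to write Services\<name>\ImagePath.
BUILD_TOOLS = {"msbuild.exe", "devenv.exe", "dotnet.exe", "csc.exe"}
SERVICE_WRITERS = {"services.exe", "msiexec.exe"}

IMAGEPATH_RE = re.compile(r"\\services\\[^\\]+\\imagepath$", re.IGNORECASE)
USER_WRITABLE_RE = re.compile(r"^[a-z]:\\(users|programdata|windows\\temp)\\", re.IGNORECASE)

# Constructed sample events (field names mirror Sysmon's).
SAMPLE_EVENTS = [
    {"id": 1, "pid": 4120, "ppid": 1812,
     "image": r"C:\Users\victim\AppData\Local\Temp\6b938ebdcbd1816155cdae3f5c344edc.exe",
     "parent_image": r"C:\Windows\explorer.exe"},
    {"id": 1, "pid": 5232, "ppid": 4120,
     "image": r"C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe",
     "parent_image": r"C:\Users\victim\AppData\Local\Temp\6b938ebdcbd1816155cdae3f5c344edc.exe"},
    {"id": 13, "pid": 4120,
     "image": r"C:\Users\victim\AppData\Local\Temp\6b938ebdcbd1816155cdae3f5c344edc.exe",
     "target": r"HKLM\System\CurrentControlSet\Services\UpdateSvc\ImagePath",
     "details": r"C:\Users\victim\AppData\Local\Temp\6b938ebdcbd1816155cdae3f5c344edc.exe"},
    # Benign: a developer build launching the compiler from the dotnet host.
    {"id": 1, "pid": 6001, "ppid": 5990,
     "image": r"C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe",
     "parent_image": r"C:\Program Files\dotnet\dotnet.exe"},
    # Benign: the Service Control Manager writing ImagePath on a real install.
    {"id": 13, "pid": 708, "image": r"C:\Windows\System32\services.exe",
     "target": r"HKLM\System\CurrentControlSet\Services\Spooler\ImagePath",
     "details": r"C:\Windows\System32\spoolsv.exe"},
]


def _base(path):
    return ntpath.basename(path).lower()


def analyze(events):
    """Return {pid: {"image", "reasons", "severity"}} for every process that
    shows at least one of the two behaviours; both together rate 'high'."""
    hits = defaultdict(lambda: {"image": None, "reasons": []})
    for ev in events:
        if ev["id"] == 1 and _base(ev["image"]) == "vbc.exe":
            parent = ev["parent_image"]
            # Compiler started by a non-build-tool living in a user-writable dir.
            if _base(parent) not in BUILD_TOOLS and USER_WRITABLE_RE.match(parent):
                h = hits[ev["ppid"]]
                h["image"] = parent
                h["reasons"].append(f"launched vbc.exe (pid {ev['pid']}) from a user-writable path")
        elif ev["id"] == 13 and IMAGEPATH_RE.search(ev["target"]):
            # ImagePath written by something other than the SCM or an installer.
            if _base(ev["image"]) not in SERVICE_WRITERS:
                h = hits[ev["pid"]]
                h["image"] = ev["image"]
                h["reasons"].append(f"wrote {ev['target']} = {ev['details']}")
    for h in hits.values():
        h["severity"] = "high" if len(h["reasons"]) >= 2 else "medium"
    return dict(hits)


if __name__ == "__main__":
    for pid, h in analyze(SAMPLE_EVENTS).items():
        print(pid, h["severity"], h["image"])
        for reason in h["reasons"]:
            print("   -", reason)
```

On the constructed events only pid 4120 (the loader) is reported, at high severity, while the developer build and the SCM's own ImagePath write are ignored by the allowlists. Correlating on the parent pid is what separates this from two independent single-event rules: either observable alone is noisy, the pair from one process is not.
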
MITRE ATT&CK Enterprise v6

Tasks