General

  • Target

    03731599.exe

  • Size

    460KB

  • Sample

    230606-nn56rsdd53

  • MD5

    6df4109027cf0cdb396aa7e8cb00306e

  • SHA1

    b677cc1b123fa8a5f81ad082b79f80b10d2a3efd

  • SHA256

    b99d0a2610e65b8ab1e10b959b15b25c07124b4f8761a71b99aa002affe6d6e4

  • SHA512

    c2a1547f4e8019308ea948283f56fb6d1faea62587c100c2e374361a74e380ee749c185ab4a4b3834fd611ae5b96a099955e8b2c827262d5870fc4e43c9ae280

  • SSDEEP

    12288:+5SBXNJ5TKooCJPV7rZPDI/iz0hbtsODTJ:+5i0ozZJrpz0T

Score
10/10

Targets

    Score
    10/10
    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Deletes itself

    • Accesses Microsoft Outlook profiles
