Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

9962625262537.exe

windows7-x64

10

9962625262537.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2a15f6247c2a5428ec04db50f7224b3e.bin

  • Size

    445KB

  • Sample

    230614-bmydbacf9s

  • MD5

    07cd91607cfd3ccb82cb23ed4cfd23ba

  • SHA1

    25132bc09a832584f7f7a1174c763646721741e0

  • SHA256

    677771713069d8bc411247ac8d7c7fc0b2eb4cfba81659589dcb04530a6af28d

  • SHA512

    a104d435c4782f696c95799302c948698c17c368adba3fb6f760076b2ae1fcf2e247a8221ca18964af1b4a73f7ef424a73e3f106192501f76d5f8a1cb45fd664

  • SSDEEP

    6144:waEnm0kGlzEjAcBZRwKNOnhfpWhK2KDJOdRY/eRbeoq3gRZ7KAKQ1fV/wRQa:B/MtEjA4wK8h0hK2aOda6Uw/uWfV/wL

Score
10/10
modiloaderpersistencetrojan

Malware Config

Targets

    • Target

      9962625262537.exe

    • Size

      891KB

    • MD5

      fe063f58390e106c939aa6bdd09aaba6

    • SHA1

      4a47f9313b08a00aa62d8e0fad57b7af906253bd

    • SHA256

      51e9ab106ca72189b724415ace85775bb907178d4621cb2ee123cad629f2e4a9

    • SHA512

      31061e9c022ac31d7cb137f23e368393d5568cacc4718355d09f21f165c25ba9137c59878a9d0e9c196f13f5ee68d025b3a7139618a73f17544c14e864520d83

    • SSDEEP

      24576:DqdXPn4tl29UFPWmKoyk4TLmgvky46i95nwkac:DqdfXUFPjKoNw714J

    Score
    10/10
    modiloadertrojanpersistence

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • ModiLoader Second Stage

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks