Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    prnfsdk.dll_

  • Size

    561KB

  • Sample

    230705-nmrxrabg98

  • MD5

    254cc44ce91502782700f57d8d15708e

  • SHA1

    7c9eb552dbc9c928a4cc1b920a385cccbc72226c

  • SHA256

    ecc34936abb58e91c38fd1417ef4c73edf29f1a2fbf756f8558c38ec5c8a6f2d

  • SHA512

    fa821f70d72f018c418fdef50c63d2260f844951050867172cc131230b4e8559a46d752aaf25e6f6c6dada23f38ce50b8413b52c9941a836d69baa2e4fd3f50b

  • SSDEEP

    12288:8nD1Gua++lefMAqzn9gX/Fq8WB7C5gnSsJo+IhXEm/:ID1xa++l2C92/FLgnzRIhXEY

Score
8/10

Malware Config

Targets

    • Target

      prnfsdk.dll_

    • Size

      561KB

    • MD5

      254cc44ce91502782700f57d8d15708e

    • SHA1

      7c9eb552dbc9c928a4cc1b920a385cccbc72226c

    • SHA256

      ecc34936abb58e91c38fd1417ef4c73edf29f1a2fbf756f8558c38ec5c8a6f2d

    • SHA512

      fa821f70d72f018c418fdef50c63d2260f844951050867172cc131230b4e8559a46d752aaf25e6f6c6dada23f38ce50b8413b52c9941a836d69baa2e4fd3f50b

    • SSDEEP

      12288:8nD1Gua++lefMAqzn9gX/Fq8WB7C5gnSsJo+IhXEm/:ID1xa++l2C92/FLgnzRIhXEY

    Score
    8/10
    • Sets DLL path for service in the registry

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v6

Tasks