Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

88d7e83b74...bc.exe

windows7-x64

7

88d7e83b74...bc.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    88d7e83b74f2a3c04658ae1e33977affa625a748b776b36a742ab73281d414bc

  • Size

    150KB

  • Sample

    230706-m2arcaab28

  • MD5

    6cd925574655ceeb750b8c947deafdda

  • SHA1

    db06d6768b00efbd84dbcadcb47c08607e7f1312

  • SHA256

    88d7e83b74f2a3c04658ae1e33977affa625a748b776b36a742ab73281d414bc

  • SHA512

    a91d7d354ec7d910fc90fcfd9d6f53317e2cbd03211f53f4c6a4d9364c5405b70ca45ac2516298209416d7b795b546450207d0e36fbd3478aae0bb845c576a49

  • SSDEEP

    3072:EAe+3aJpgWXTBuWbcqG5GAbKqiNMeAmVngg24ihVmY8uYj7AdV+44MI:XB+pgUzcq6AqKPs4ihWrMz4x

Score
7/10

Malware Config

Targets

    • Target

      88d7e83b74f2a3c04658ae1e33977affa625a748b776b36a742ab73281d414bc

    • Size

      150KB

    • MD5

      6cd925574655ceeb750b8c947deafdda

    • SHA1

      db06d6768b00efbd84dbcadcb47c08607e7f1312

    • SHA256

      88d7e83b74f2a3c04658ae1e33977affa625a748b776b36a742ab73281d414bc

    • SHA512

      a91d7d354ec7d910fc90fcfd9d6f53317e2cbd03211f53f4c6a4d9364c5405b70ca45ac2516298209416d7b795b546450207d0e36fbd3478aae0bb845c576a49

    • SSDEEP

      3072:EAe+3aJpgWXTBuWbcqG5GAbKqiNMeAmVngg24ihVmY8uYj7AdV+44MI:XB+pgUzcq6AqKPs4ihWrMz4x

    Score
    7/10

    • Checks QEMU agent file

      Checks presence of QEMU agent, possibly to detect virtualization.

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks