General
-
Target
88d7e83b74f2a3c04658ae1e33977affa625a748b776b36a742ab73281d414bc
-
Size
150KB
-
Sample
230706-m2arcaab28
-
MD5
6cd925574655ceeb750b8c947deafdda
-
SHA1
db06d6768b00efbd84dbcadcb47c08607e7f1312
-
SHA256
88d7e83b74f2a3c04658ae1e33977affa625a748b776b36a742ab73281d414bc
-
SHA512
a91d7d354ec7d910fc90fcfd9d6f53317e2cbd03211f53f4c6a4d9364c5405b70ca45ac2516298209416d7b795b546450207d0e36fbd3478aae0bb845c576a49
-
SSDEEP
3072:EAe+3aJpgWXTBuWbcqG5GAbKqiNMeAmVngg24ihVmY8uYj7AdV+44MI:XB+pgUzcq6AqKPs4ihWrMz4x
Static task
static1
Behavioral task
behavioral1
Sample
88d7e83b74f2a3c04658ae1e33977affa625a748b776b36a742ab73281d414bc.exe
Resource
win7-20230705-en
Behavioral task
behavioral2
Sample
88d7e83b74f2a3c04658ae1e33977affa625a748b776b36a742ab73281d414bc.exe
Resource
win10v2004-20230703-en
Malware Config
Targets
-
-
Target
88d7e83b74f2a3c04658ae1e33977affa625a748b776b36a742ab73281d414bc
Score
7/10
-
Checks QEMU agent file
Checks presence of QEMU agent, possibly to detect virtualization.
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-