Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

b325ff46c3...b1.exe

windows7-x64

7

b325ff46c3...b1.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b325ff46c393440a9e3ba1e293328bb1.bin

  • Size

    69.7MB

  • Sample

    230718-cve3dafh33

  • MD5

    b325ff46c393440a9e3ba1e293328bb1

  • SHA1

    af5d193859d4771624ad05af5089d028fb2cba08

  • SHA256

    5b0e0444af516425daa98279d2f989d416d2c32a4f4f7dc689eb663c1afc7623

  • SHA512

    21a5a1f4e78d001ea63f6f71ed42ff21d13869ea3bd0009cd4458f06960976bcd7dfe332143c40898688efa1d0c713043866c41001d0bac4ae42a7c712bf77f5

  • SSDEEP

    1572864:ZA9QOmodMkRCtQkTMT2Zr9yre77nD0CiNQ/KZYlct225Y4YW90:O9TKkkQkTyCAS/D1SQct2OY4Yn

Score
8/10
evasionpyinstaller

Malware Config

Targets

    • Target

      b325ff46c393440a9e3ba1e293328bb1.bin

    • Size

      69.7MB

    • MD5

      b325ff46c393440a9e3ba1e293328bb1

    • SHA1

      af5d193859d4771624ad05af5089d028fb2cba08

    • SHA256

      5b0e0444af516425daa98279d2f989d416d2c32a4f4f7dc689eb663c1afc7623

    • SHA512

      21a5a1f4e78d001ea63f6f71ed42ff21d13869ea3bd0009cd4458f06960976bcd7dfe332143c40898688efa1d0c713043866c41001d0bac4ae42a7c712bf77f5

    • SSDEEP

      1572864:ZA9QOmodMkRCtQkTMT2Zr9yre77nD0CiNQ/KZYlct225Y4YW90:O9TKkkQkTyCAS/D1SQct2OY4Yn

    Score
    8/10
    evasion

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

      evasion

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks