Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

DRAWING-MA...ED.exe

windows7-x64

10

DRAWING-MA...ED.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    DRAWING-MATERIALS NEEDED.exe

  • Size

    273KB

  • Sample

    230808-hsrlaabb23

  • MD5

    6ea128aad981db51fb37a219cb6b266e

  • SHA1

    37bdacba8fe247ff5ead7524a0ffc17b7dfbfdbc

  • SHA256

    63c7c7144d487bb38e9473ed1a7b420440b131981c5e83901614212f7d9bd8d8

  • SHA512

    dfd285c8fb0026025a1c60c46efd0c02d9cd5741e04219c5cb1aaeba9f08e0c3f42735f5f6d1bb61294cef203aa3e6caa60fec879b4b6940f6641e0b6c42bac3

  • SSDEEP

    6144:YzAJFXG1/PZthjld/77Pm3pHT5EzjDu7w5x:CCar377ypz5ELu7w5x

Score
10/10
guloaderdownloader

Malware Config

Targets

    • Target

      DRAWING-MATERIALS NEEDED.exe

    • Size

      273KB

    • MD5

      6ea128aad981db51fb37a219cb6b266e

    • SHA1

      37bdacba8fe247ff5ead7524a0ffc17b7dfbfdbc

    • SHA256

      63c7c7144d487bb38e9473ed1a7b420440b131981c5e83901614212f7d9bd8d8

    • SHA512

      dfd285c8fb0026025a1c60c46efd0c02d9cd5741e04219c5cb1aaeba9f08e0c3f42735f5f6d1bb61294cef203aa3e6caa60fec879b4b6940f6641e0b6c42bac3

    • SSDEEP

      6144:YzAJFXG1/PZthjld/77Pm3pHT5EzjDu7w5x:CCar377ypz5ELu7w5x

    Score
    10/10
    guloaderdownloader

    • Guloader,Cloudeye

      A shellcode based downloader first seen in 2020.

      downloaderguloader

    • Checks QEMU agent file

      Checks presence of QEMU agent, possibly to detect virtualization.

    • Loads dropped DLL

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks