General

  • Target

    39d56f118eb4ae323bb8fdeab205aef35671ea7378d6581ae4ef4d91a8dde06f

  • Size

    5.8MB

  • Sample

    230810-nq81faec6y

  • MD5

    34cfa1231e2bcd80056b85f80ecc6a2e

  • SHA1

    417b037123832efab6ad4d256b0ec9558f08571e

  • SHA256

    39d56f118eb4ae323bb8fdeab205aef35671ea7378d6581ae4ef4d91a8dde06f

  • SHA512

    775fe5404d6f4a46cc174817f2e80f49321590f206ff672f6d85725f7f022c6420692e28872420ea8ce156db4d7035d95e83d5e5b3819af741f17b3b4f0aacb9

  • SSDEEP

    98304:AqVQ4tml/iUm4XHb8vFtYkQNrSz9rAmLJHORm6UJamI3LeojzZARZpkAdcc6IjWF:/J+jX7oDKrSpru+W3KMZkvdagNXhJs0I

Malware Config

Targets

    • Generic Chinese Botnet

      A botnet originating from China which is currently unnamed publicly.

    • Chinese Botnet payload

    • Executes dropped EXE

    • Adds Run key to start application

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks