General
Target: 39d56f118eb4ae323bb8fdeab205aef35671ea7378d6581ae4ef4d91a8dde06f
Size: 5.8MB
Sample: 230810-nq81faec6y
MD5: 34cfa1231e2bcd80056b85f80ecc6a2e
SHA1: 417b037123832efab6ad4d256b0ec9558f08571e
SHA256: 39d56f118eb4ae323bb8fdeab205aef35671ea7378d6581ae4ef4d91a8dde06f
SHA512: 775fe5404d6f4a46cc174817f2e80f49321590f206ff672f6d85725f7f022c6420692e28872420ea8ce156db4d7035d95e83d5e5b3819af741f17b3b4f0aacb9
SSDEEP: 98304:AqVQ4tml/iUm4XHb8vFtYkQNrSz9rAmLJHORm6UJamI3LeojzZARZpkAdcc6IjWF:/J+jX7oDKrSpru+W3KMZkvdagNXhJs0I
Static task: static1
Behavioral task: behavioral1
Sample: 39d56f118eb4ae323bb8fdeab205aef35671ea7378d6581ae4ef4d91a8dde06f.exe
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: 39d56f118eb4ae323bb8fdeab205aef35671ea7378d6581ae4ef4d91a8dde06f.exe
Resource: win10v2004-20230703-en
Malware Config
Targets
Score: 10/10
Generic Chinese Botnet
A botnet originating from China which is currently unnamed publicly.
Chinese Botnet payload
Executes dropped EXE
Adds Run key to start application
Suspicious use of NtSetInformationThreadHideFromDebugger