General

  • Target

    RuntimeBroker.exe

  • Size

    13.2MB

  • Sample

    230825-f3admshd39

  • MD5

    1b9a49b80779f0b78022a9efc1c1ef2f

  • SHA1

    ae480c2ecfc2a6a88bbcfeecd8125b65b35f96aa

  • SHA256

    adf527f5cc6ca92b51bf340069519e78de0c498529b78db18ea26abbb73afb7f

  • SHA512

    3e64dbe62c52251d596be5b4332d351e2e3f4357d02abc285975d6ff59191b26c8fcba8f57c5de8081fe3fadbf0465a104537a1d6a82da4e7f81eed63feb8090

  • SSDEEP

    393216:0fLbPmYRQK7+80nFUVH8034mLOnAcdSunr:sbrRQagEv3PP

Score
7/10

Targets

    • Target

      RuntimeBroker.exe

    Score
    7/10
    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
