Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
739a38ab9a9ff169ad806fe52affb72995ce8944d2e9a42dfd91e41bffcec316
-
Size
536KB
-
Sample
230827-vah8eade3w
-
MD5
35c62921f6d6b930053b6cbb32d48a24
-
SHA1
15ba18d0e71a05fa47c149d9427f05c10236cd2f
-
SHA256
739a38ab9a9ff169ad806fe52affb72995ce8944d2e9a42dfd91e41bffcec316
-
SHA512
cb7c3ea83fb8b22fae94b2fa9e7e19cea101dd24815c2729cf2465dbe484740df75c2a9680700c0f94aa24ba37c32a40625a8252b0aaaa6a0cea2a8e82b0323c
-
SSDEEP
12288:2Qab4j0WxHHxvgZ5Debn9XdvVYf8tn5+qqheFgOkx2LIa:Tvj0oxv2Dezv/tx3yOkx2LF
Malware Config
Targets
-
-
Target
739a38ab9a9ff169ad806fe52affb72995ce8944d2e9a42dfd91e41bffcec316
-
Size
536KB
-
MD5
35c62921f6d6b930053b6cbb32d48a24
-
SHA1
15ba18d0e71a05fa47c149d9427f05c10236cd2f
-
SHA256
739a38ab9a9ff169ad806fe52affb72995ce8944d2e9a42dfd91e41bffcec316
-
SHA512
cb7c3ea83fb8b22fae94b2fa9e7e19cea101dd24815c2729cf2465dbe484740df75c2a9680700c0f94aa24ba37c32a40625a8252b0aaaa6a0cea2a8e82b0323c
-
SSDEEP
12288:2Qab4j0WxHHxvgZ5Debn9XdvVYf8tn5+qqheFgOkx2LIa:Tvj0oxv2Dezv/tx3yOkx2LF
Score10/10-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Drops file in Drivers directory
-
Deletes itself
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
VMProtect packed file
Detects executables packed with VMProtect commercial packer.
-
Drops file in System32 directory
-