General
Target: 4e2f6ae8e215b3c2341235a178f8e104e7800f97e32130ec06173fdc26c64b74
Size: 226KB
Sample: 230917-17442ada21
MD5: 5449aae137648cfe7cf75b320a14918a
SHA1: c6b77f2a063a4c714946fc65953fc82ebe453f8e
SHA256: 4e2f6ae8e215b3c2341235a178f8e104e7800f97e32130ec06173fdc26c64b74
SHA512: ea75e467da8c8be2844d042e8175a0ab084e78e9cda8793f7c4554b05887631277ff98280597c0ca7161ec6e4012215d9902335c77c7fb89824b678e9827f63f
SSDEEP: 3072:KrPozRHopuKp7Dxl1ChMwEJjXm3M3xMVe4YQ:lzlopBFi56XmcxMVe
Static task: static1
Behavioral task: behavioral1
Sample: 4e2f6ae8e215b3c2341235a178f8e104e7800f97e32130ec06173fdc26c64b74.exe
Resource: win10v2004-20230915-en
Malware Config
Extracted
smokeloader
up4
Extracted
smokeloader
2020
http://host-file-file0.com/
http://file-file-file1.com/
Targets
Target: 4e2f6ae8e215b3c2341235a178f8e104e7800f97e32130ec06173fdc26c64b74
Score: 10/10
Modifies Installed Components in the registry
Executes dropped EXE
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
Suspicious use of SetThreadContext