General

  • Target

    4109f03cb97ec1a10b10462b3a1cb072.bin

  • Size

    833KB

  • Sample

    231013-ewmvqaff28

  • MD5

    453869b543eb4e14744964103ac9b59e

  • SHA1

    25b7e935f3325372553e64441fb798cf4661a13e

  • SHA256

    fcb0dc82d563a09d8528a961f67d2a3db80afd00d2500488b4cefcefd13158da

  • SHA512

    8e4369104ec413e32ff7ea0d11a4725dbc359b43d40db44b42f642084ef8578e877c98382dd5db22742ca4729dd7425e2b58a2e224ef7b1e6b1bc5ad6eec8620

  • SSDEEP

    24576:HzG8O7L2fAgDiP4QB7dAHNDOby0HRzLfORec19Yw:T22fAgDiL3WNDOu0HZLG1l

Score
7/10

Malware Config

Targets

    • Target

      55e92f7ce36eead273b0f804c56c6a5f2b3f88e8e9b9c2f6a89ef4149f7d5158.exe

    • Size

      869KB

    • MD5

      4109f03cb97ec1a10b10462b3a1cb072

    • SHA1

      a3d41c3b5eb60607fe3bc2fece01b28cf927357c

    • SHA256

      55e92f7ce36eead273b0f804c56c6a5f2b3f88e8e9b9c2f6a89ef4149f7d5158

    • SHA512

      061051e54d10b8328b1faeecbc3374c5e2974edd1ae9d6f6840a760d9922bdb245210b75beb25401a02b6230732bddcf4df20e8bbaa4df9198e590ea1bdec645

    • SSDEEP

      24576:giSNaEGevQ5lFv30L5PfUiL2yLEYzHkUGhb36/:hSNM5U5z2yLREHtQ

    • Score

      7/10

    • Checks QEMU agent file

      Checks presence of QEMU agent, possibly to detect virtualization.

    • Loads dropped DLL

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext
