General
Target: 0d7ab397367d429df3b22b746567f8f7.bin
Size: 409KB
Sample: 231014-c7m9hsec36
MD5: 32241cce8339f12b44a211571d2c0ed3
SHA1: 125cb9b48f96eaa3cbe5c80d8a91de81bd550284
SHA256: 8c5cbcef219474ecb46b748472fee62923cb19572b1594d7ceca4d6cf322ca2a
SHA512: f5e317d0b8cec4b6dd98c6d2e52d84a6df309abaed4ac048eb36e8a6e82c123f366ee6ef2ccd87d1f0086d88ad359276cd7b6c70b33ab2d837c56deb220992dc
SSDEEP: 12288:xb8djL2kRE1P2tM4DjHSH7dCLZlSt3wpMS8nXIQA1W:xb423PqPSuYAOSoTAY
Static task: static1
Behavioral task: behavioral1
Sample: a88b547e698609e77944854f331f62643bf974a06ddde114a994398b48cf841e.exe
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: a88b547e698609e77944854f331f62643bf974a06ddde114a994398b48cf841e.exe
Resource: win10v2004-20230915-en
Malware Config
Targets
Target: a88b547e698609e77944854f331f62643bf974a06ddde114a994398b48cf841e.exe
Size: 434KB
MD5: 0d7ab397367d429df3b22b746567f8f7
SHA1: 447f43a1ac4bc764f0ca361e0a5db8c55f2ec1fe
SHA256: a88b547e698609e77944854f331f62643bf974a06ddde114a994398b48cf841e
SHA512: 43fb0a5dabab3bcb58e2ffea92b04c5ea7335809b285aea373db6eed250b8b23e2b4da266e5b613200f839f3e7159f2fae650262c66685756aeb136313bfeca9
SSDEEP: 12288:/0JI+8FhzaMGPnD2pWyb2piORnIlTijwTgnru0:U83zaNnDTyiYOR1wTD0
Score: 7/10
Checks QEMU agent file
Checks presence of QEMU agent, possibly to detect virtualization.
Legitimate hosting services abused for malware hosting/C2
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext