General

  • Target

    0d7ab397367d429df3b22b746567f8f7.bin

  • Size

    409KB

  • Sample

    231014-c7m9hsec36

  • MD5

    32241cce8339f12b44a211571d2c0ed3

  • SHA1

    125cb9b48f96eaa3cbe5c80d8a91de81bd550284

  • SHA256

    8c5cbcef219474ecb46b748472fee62923cb19572b1594d7ceca4d6cf322ca2a

  • SHA512

    f5e317d0b8cec4b6dd98c6d2e52d84a6df309abaed4ac048eb36e8a6e82c123f366ee6ef2ccd87d1f0086d88ad359276cd7b6c70b33ab2d837c56deb220992dc

  • SSDEEP

    12288:xb8djL2kRE1P2tM4DjHSH7dCLZlSt3wpMS8nXIQA1W:xb423PqPSuYAOSoTAY

Score
7/10

Malware Config

Targets

    • Target

      a88b547e698609e77944854f331f62643bf974a06ddde114a994398b48cf841e.exe

    • Size

      434KB

    • MD5

      0d7ab397367d429df3b22b746567f8f7

    • SHA1

      447f43a1ac4bc764f0ca361e0a5db8c55f2ec1fe

    • SHA256

      a88b547e698609e77944854f331f62643bf974a06ddde114a994398b48cf841e

    • SHA512

      43fb0a5dabab3bcb58e2ffea92b04c5ea7335809b285aea373db6eed250b8b23e2b4da266e5b613200f839f3e7159f2fae650262c66685756aeb136313bfeca9

    • SSDEEP

      12288:/0JI+8FhzaMGPnD2pWyb2piORnIlTijwTgnru0:U83zaNnDTyiYOR1wTD0

    Score
    7/10
    • Checks QEMU agent file

      Checks presence of QEMU agent, possibly to detect virtualization.

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext
