Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

666f5ad3c6...81.exe

windows7-x64

10

666f5ad3c6...81.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    666f5ad3c6b29636a24011639ccc771da5e964ed4d0a22e253febeed53978681

  • Size

    6.9MB

  • Sample

    231029-b5s7bafh58

  • MD5

    d2f32b3bf5e7c07ac6ee4918f93c4da3

  • SHA1

    8035c6f1214d806a6f2181c41ae24c21ef1c4913

  • SHA256

    666f5ad3c6b29636a24011639ccc771da5e964ed4d0a22e253febeed53978681

  • SHA512

    5622ae6a36b3fcfc4560ecebfc0bdc446976c6e262322d345888b65e5ead956ff455771fb7ee736b5f1cd8134d2753e6cc6641c39c30b5e787256c23fa3927b0

  • SSDEEP

    98304:bBax0HTtGRoXuo73LIDUae0OEHtpKMbaqALvQIIxNiRo2Zo/AE9aF55FP4elzQH+:AmttF3EDv3p/baqCI3V2W/eL9QL9w

Score
10/10
xmrigevasionminer

Malware Config

Targets

    • Target

      666f5ad3c6b29636a24011639ccc771da5e964ed4d0a22e253febeed53978681

    • Size

      6.9MB

    • MD5

      d2f32b3bf5e7c07ac6ee4918f93c4da3

    • SHA1

      8035c6f1214d806a6f2181c41ae24c21ef1c4913

    • SHA256

      666f5ad3c6b29636a24011639ccc771da5e964ed4d0a22e253febeed53978681

    • SHA512

      5622ae6a36b3fcfc4560ecebfc0bdc446976c6e262322d345888b65e5ead956ff455771fb7ee736b5f1cd8134d2753e6cc6641c39c30b5e787256c23fa3927b0

    • SSDEEP

      98304:bBax0HTtGRoXuo73LIDUae0OEHtpKMbaqALvQIIxNiRo2Zo/AE9aF55FP4elzQH+:AmttF3EDv3p/baqCI3V2W/eL9QL9w

    Score
    10/10
    xmrigevasionminer

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Drops file in Drivers directory

    • Stops running service(s)

      evasion

    • Executes dropped EXE

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks