Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

5

c8d591bc16...62.exe

windows7-x64

10

c8d591bc16...62.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c8d591bc16616887d87b715a8c1f2462.bin

  • Size

    11.3MB

  • Sample

    231105-dmaclaab2s

  • MD5

    c8d591bc16616887d87b715a8c1f2462

  • SHA1

    8f553bcf72d94acc6602400388c102fcad96f74e

  • SHA256

    51c17131fdcf0dc213cb066024c72ef79ca0c33177c60f226b8c4ca447ff3214

  • SHA512

    f16a057737d2833ef12399f3850c0c4ea8230a3f945171a62e0b330bd22c5f34bbc520900d939aa77a8ed34982e7b4827eb26d4e78aeb162855782e06280f117

  • SSDEEP

    196608:WJWQd/GQDd3JjPOVXRzPHGvhraFLCvU6CILodzD2hqIVFOM+JXBry+azIT:iWQdr5uX5PHG5EQnLk6hLedB5mI

Score
10/10
xmrigevasionminer

Malware Config

Targets

    • Target

      c8d591bc16616887d87b715a8c1f2462.bin

    • Size

      11.3MB

    • MD5

      c8d591bc16616887d87b715a8c1f2462

    • SHA1

      8f553bcf72d94acc6602400388c102fcad96f74e

    • SHA256

      51c17131fdcf0dc213cb066024c72ef79ca0c33177c60f226b8c4ca447ff3214

    • SHA512

      f16a057737d2833ef12399f3850c0c4ea8230a3f945171a62e0b330bd22c5f34bbc520900d939aa77a8ed34982e7b4827eb26d4e78aeb162855782e06280f117

    • SSDEEP

      196608:WJWQd/GQDd3JjPOVXRzPHGvhraFLCvU6CILodzD2hqIVFOM+JXBry+azIT:iWQdr5uX5PHG5EQnLk6hLedB5mI

    Score
    10/10
    xmrigevasionminer

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Modifies Windows Firewall

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks