General
Target: 571f30eb53639b2170d8c402366265d0282f8a86edf438061bdb8e6a67eaaf56
Size: 250KB
Sample: 231115-tpvpbade41
MD5: c8a0ee4462f8e5b7e74d449f09d05056
SHA1: aecde6f16902cb6271a0690c3f8df9841d956905
SHA256: 571f30eb53639b2170d8c402366265d0282f8a86edf438061bdb8e6a67eaaf56
SHA512: 59f025a0dc488eeca902af1495c56414128822c60de9264b8a9b1f7444e9115cd6997323326c2902899d949cfc9cb909bf3abb9162a0911a390e42fcba4dc0d9
SSDEEP: 3072:E/tnLuU8Vq3NKrTBXkMFtheWQSZrVLR2PFco9CRU:aNLur83IrlXxFthkPF
Static task: static1
Behavioral task: behavioral1
Sample: 571f30eb53639b2170d8c402366265d0282f8a86edf438061bdb8e6a67eaaf56.exe
Resource: win10v2004-20231020-en
Malware Config
Extracted
smokeloader
up4
Extracted
smokeloader
2020
http://host-file-file0.com/
http://file-file-file1.com/
Targets
Target: 571f30eb53639b2170d8c402366265d0282f8a86edf438061bdb8e6a67eaaf56
Score: 10/10
Modifies Installed Components in the registry
Deletes itself
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
Suspicious use of SetThreadContext