Analysis
max time kernel: 122s
max time network: 127s
platform: windows7_x64
resource: win7-20231215-en
resource tags: arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
submitted: 22/12/2023, 01:08
Behavioral tasks
behavioral1: sample /Client.exe, resource win7-20231215-en
behavioral2: sample /Client.exe, resource win10v2004-20231215-en
behavioral3: sample /getsetup.exe, resource win7-20231215-en
behavioral4: sample /getsetup.exe, resource win10v2004-20231215-en
behavioral5: sample /getsetup.hb, resource ubuntu1804-amd64-20231222-en
behavioral6: sample /ƶ_C.exe, resource win7-20231215-en
behavioral7: sample /ƶ_C.exe, resource win10v2004-20231222-en
General
Target: /Client.exe
Size: 2.0MB
MD5: 9b3ea601933ce069356088d3a2359848
SHA1: aa50484edd009f8ebf8d7c8ad98c66a219a26432
SHA256: ca365663bfe424c2c093be6ab5dee4b64980c7eaaabf9a4be3c868eb8436ad94
SHA512: 89a2fee47794eae951ce1dbf06c3ff8e7f1a6ecf7a9aa172a53c6533be0cafaf47bff668e88c4f4483f68dd96a3047798c1c1a58081ae9de60cc657192733992
SSDEEP: 49152:ljm4F8QcV1CglPiQLhmU6T+JngKi5MHcB9RfRoRsxZWcvQb:HFZcpPikJJgfM8B9RS2xP4
Malware Config
Signatures
Suspicious use of NtSetInformationThreadHideFromDebugger (1 IoCs)
  pid 1064, process Client.exe
Suspicious behavior: EnumeratesProcesses (1 IoCs)
  pid 1064, process Client.exe
Suspicious use of SetWindowsHookEx (2 IoCs)
  pid 1064, process Client.exe
  pid 1064, process Client.exe