General

  • Target

    00889c79f70c0edc893271ce04f1370e

  • Size

    506KB

  • Sample

    231225-c6f4taccam

  • MD5

    00889c79f70c0edc893271ce04f1370e

  • SHA1

    727fe56d3ef82e087f6c2c27fa623388d970fed1

  • SHA256

    6f231b8f9a13c4aaee9423635eeeb0ee9f5869333b8e825a2487bf6fb68ba510

  • SHA512

    89c5722dbdc27e505a87aaf95481b5e7da0807458cb50b2773f4b026a29fdd57167866fb3c8ea002d5993bb773556ac2613e56800bc6380f51f8b58f46c90223

  • SSDEEP

    12288:rmW0cBkffjOii/HQCt4JC6lY9tZV24qtao2OoVL+66:wdb+fhwsVqa4C56

Score
7/10

Malware Config

Targets

    • Target

      00889c79f70c0edc893271ce04f1370e

    Score
    7/10
    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtSetInformationThreadHideFromDebugger
