General
-
Target
5f8aaf342051afd5949aa5119134405d
-
Size
12.3MB
-
Sample
231226-kapebaacc8
-
MD5
5f8aaf342051afd5949aa5119134405d
-
SHA1
0f403390eb2dd0187347c0598fe553b538e202d0
-
SHA256
5f1d73602982331b76d49f123d1defdf29c394c7a84571b1834afeb2690dcadc
-
SHA512
d85d545763ded0dc285460a0822b60912115185d630dbd4e9914e02354bd42695bf58763cb469c1c1bafa7359a420ae1f289a023af350f18f905c4fd95599548
-
SSDEEP
393216:4QQBBFwWWEpCEDLJ83a10RtN3ZWbs1TJ2KsD:4QKFwW3pCEDtEa6tN3KO
Behavioral task
behavioral1
Sample
5f8aaf342051afd5949aa5119134405d.exe
Resource
win7-20231215-en
Malware Config
Targets
-
Target
5f8aaf342051afd5949aa5119134405d
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-