Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
03c35e1ee1b0bf6340cdb45773c9fd3e
-
Size
524KB
-
Sample
231229-zq16dacbb4
-
MD5
03c35e1ee1b0bf6340cdb45773c9fd3e
-
SHA1
1338fb2e480eb7a42cc6e299948583012c48cad5
-
SHA256
67e07368739819c893c0752d8dc1bc0c1f87764a711f18ceb9507162644a9393
-
SHA512
36ed40208275a2e13704cd73ab61a58f1f5deb02d80e91c3840a8836b6070228ebdf0c017955a84912aaa64a14511f3032468e3c648b64f9db13af79d77fcad4
-
SSDEEP
12288:JI0As/dcwf0e/GQAPCqtKbFeEFk88ho1RFR25Au14qsYBKBgMVkJoQg:W0F1cwfR/4tYk8HxR25+TYki1JoQg
Static task
static1
Behavioral task
behavioral1
Sample
03c35e1ee1b0bf6340cdb45773c9fd3e.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
03c35e1ee1b0bf6340cdb45773c9fd3e.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
-
-
Target
03c35e1ee1b0bf6340cdb45773c9fd3e
-
Size
524KB
-
MD5
03c35e1ee1b0bf6340cdb45773c9fd3e
-
SHA1
1338fb2e480eb7a42cc6e299948583012c48cad5
-
SHA256
67e07368739819c893c0752d8dc1bc0c1f87764a711f18ceb9507162644a9393
-
SHA512
36ed40208275a2e13704cd73ab61a58f1f5deb02d80e91c3840a8836b6070228ebdf0c017955a84912aaa64a14511f3032468e3c648b64f9db13af79d77fcad4
-
SSDEEP
12288:JI0As/dcwf0e/GQAPCqtKbFeEFk88ho1RFR25Au14qsYBKBgMVkJoQg:W0F1cwfR/4tYk8HxR25+TYki1JoQg
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Executes dropped EXE
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Loads dropped DLL
-
Drops file in System32 directory
-