Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

03bdbb249e...48.exe

windows7-x64

7

03bdbb249e...48.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    03bdbb249e6841eec5c2f0f5b775a048

  • Size

    1.6MB

  • Sample

    231229-zqacnacaa3

  • MD5

    03bdbb249e6841eec5c2f0f5b775a048

  • SHA1

    807773694242faa68f2d820aae54752b218f2e83

  • SHA256

    883ea30ab5b21c5a53fdd90726fcf14512d1c82890c512a94eecf17185d9e31a

  • SHA512

    e8722c1dd2301f5ab2227cc232746529c5b94b1667a01babdf60a0a614795cc3379ae97c79fffab352835a4ac8066ea6a58d5b6c649097ba88ead23ac8440c09

  • SSDEEP

    49152:RFrpyKOU5s5b6sdteQOHxol2DrYolwuUNlpYx8+:nrSlbNQJHU2/7/k7Yx8+

Score
7/10
evasionpersistencethemida

Malware Config

Targets

    • Target

      03bdbb249e6841eec5c2f0f5b775a048

    • Size

      1.6MB

    • MD5

      03bdbb249e6841eec5c2f0f5b775a048

    • SHA1

      807773694242faa68f2d820aae54752b218f2e83

    • SHA256

      883ea30ab5b21c5a53fdd90726fcf14512d1c82890c512a94eecf17185d9e31a

    • SHA512

      e8722c1dd2301f5ab2227cc232746529c5b94b1667a01babdf60a0a614795cc3379ae97c79fffab352835a4ac8066ea6a58d5b6c649097ba88ead23ac8440c09

    • SSDEEP

      49152:RFrpyKOU5s5b6sdteQOHxol2DrYolwuUNlpYx8+:nrSlbNQJHU2/7/k7Yx8+

    Score
    7/10
    evasionpersistencethemida

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

      evasion

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Adds Run key to start application

      persistence

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks