General

  • Target

    0a9ef043882edacc8f30bd13977a465c

  • Size

    220KB

  • Sample

    231230-b8at5sgdg8

  • MD5

    0a9ef043882edacc8f30bd13977a465c

  • SHA1

    32eef93493a50b75dae3e0e36d3bf86779ff4c44

  • SHA256

    1c562e93c15bd6c05849276b1f31e38405246dd40e7ae44325523337e4f6f027

  • SHA512

    43a914db8af2928b1695760af7911a388193f9e6e3cf41743a75002d12c4a37cf81c5f2525466786731832c26a1703690ca12c8c31816c2dd7fdb6465462dcdb

  • SSDEEP

    6144:R7rWjayYoWv7fGkZWa+emUT6+VMSmoZI:RGvYbTnWa+0ThxM

Score
7/10

Targets

    • Target

      0a9ef043882edacc8f30bd13977a465c

    Score
    7/10

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
