General

  • Target

    0fa40f175a17ee369070cf6638d7796a

  • Size

    1000KB

  • Sample

    231230-ftmmlsbgak

  • MD5

    0fa40f175a17ee369070cf6638d7796a

  • SHA1

    ece3736af541cf2e1ed5900d359208d67befff39

  • SHA256

    228eadff9b864a921cce298d3bc8fa4442a8d5e960dc44c0a78628201e8ff458

  • SHA512

    feddac78791ab71eceed4d8362430fec1d42111ee122cf4d2fb5075d2f942a7eca20fb2533a383cb706648cdfb8a34d08a6a5dc71c55d8f29cefbe596525e1f3

  • SSDEEP

    24576:h81t83HTQLly48l3mPCb41B+5vMiqt0gj2ed:hEkHTQLljHPCbSqOL

Score
7/10

Targets

    • Target

      0fa40f175a17ee369070cf6638d7796a

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtSetInformationThreadHideFromDebugger
