General

  • Target

    19749435c265787fd8fbebb9a0520a88

  • Size

    2.6MB

  • Sample

    231230-qcsgmsgdd4

  • MD5

    19749435c265787fd8fbebb9a0520a88

  • SHA1

    6a967b0f394b72596dd9dbce458accd17c7935be

  • SHA256

    3bb1ce5be78b664b7ca63e113e45b59e60d33acf8614614120b35ffacc4a208a

  • SHA512

    6d46dd7e77b8c6e64fe1c2059182cec900c8c0869f7d2ba48fee30f397e1ac7b250c0ff699b6378f70cbf69cc9621e9a56becb8acaf094d48fb762fcf012e7f3

  • SSDEEP

    49152:5TKkv00HtAulnTFiu7Fcwxn8zau9u50tnsLHHe/Gk/OEWxKTtbWICIAfMAlB5QNG:cKNAknTFAwRA20tnsLH+unEWhICZn5zx

  • Score

    7/10

Targets

    • Target

      155绿色软件站.url

    • Size

      219B

    • MD5

      3a1f2a8a3ef08ae269517a69ea918b2c

    • SHA1

      7d2e6719702bc8472e045e010efa6ed3f7df4b5b

    • SHA256

      66eafefa8bb0155e60828476bde6068573fe64a4fd0aa052eba074dbe85d46cd

    • SHA512

      22203a78192cadc02d0f887247675925273a69e3be82ec1a331197f892216a282cc8f37c3ffbfb578a708244181037277b8cc6a40d8ec70cdf0feac5d80f8576

    • Score

      1/10

    • Target

      补丁安装器.exe

    • Size

      3.1MB

    • MD5

      a1f4b1451d1a00e280a60200d7e8112b

    • SHA1

      bef3b2c7e0a01d7fdb211793fad15d9131ea9783

    • SHA256

      5e0688bce3d5e887cf1e93c6d0d294fc331af764f89d51b5cfb43526fe1d82c5

    • SHA512

      4c65a9e8980c10f2b5e1facce3d74d4a68c24cd308a63d2c3aa77c3ef2d4d566948f28011272558606f7c1835371e9ba34d8cdede25a0871640bc26e5c8ea063

    • SSDEEP

      98304:xeIR5xdvaedYyNfxGtNhFEuk7S/pVrEzuC/TO3z:A2CeWy3GDhFEuk08SC/aD

    • Score

      7/10

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Loads dropped DLL

    • Suspicious use of NtSetInformationThreadHideFromDebugger
