Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

1af70c7e2f...e3.exe

windows7-x64

7

1af70c7e2f...e3.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1af70c7e2f2c31d4d9f91e3e60d5dde3

  • Size

    188KB

  • Sample

    231230-rewgraeeam

  • MD5

    1af70c7e2f2c31d4d9f91e3e60d5dde3

  • SHA1

    97bda031c9a0166f808474614b18099ce8734319

  • SHA256

    d388cb1615cf29a24749d1331e09ea4ea2837c3ba99decca3bf114c50b59cfe7

  • SHA512

    b3d4ee199d298b1a1707b36bee31ed434b864be33cf46e3c3ac668c90657d31b68dcc892d5dd5ba52858ad85b84dd8a5922ffe4b4a9ae9673849b49d0855766a

  • SSDEEP

    3072:mNuBD8urPQYRI2x/wxlmxCpOtyv6EnbcmVhRS33I/zB0voeW0Hqo+Ew3aUo+lL:mN2rFuA/wjqCpyySENDRz3epKo+Po

Score
7/10
persistenceupx

Malware Config

Targets

    • Target

      1af70c7e2f2c31d4d9f91e3e60d5dde3

    • Size

      188KB

    • MD5

      1af70c7e2f2c31d4d9f91e3e60d5dde3

    • SHA1

      97bda031c9a0166f808474614b18099ce8734319

    • SHA256

      d388cb1615cf29a24749d1331e09ea4ea2837c3ba99decca3bf114c50b59cfe7

    • SHA512

      b3d4ee199d298b1a1707b36bee31ed434b864be33cf46e3c3ac668c90657d31b68dcc892d5dd5ba52858ad85b84dd8a5922ffe4b4a9ae9673849b49d0855766a

    • SSDEEP

      3072:mNuBD8urPQYRI2x/wxlmxCpOtyv6EnbcmVhRS33I/zB0voeW0Hqo+Ew3aUo+lL:mN2rFuA/wjqCpyySENDRz3epKo+Po

    Score
    7/10
    persistenceupx

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks