General

  • Target

    288884ac625f7cc93a396d875bfd7a89

  • Size

    4.8MB

  • Sample

    231231-fad65afef2

  • MD5

    288884ac625f7cc93a396d875bfd7a89

  • SHA1

    5653b63b175e075d615a4f95296a3a8bdf816376

  • SHA256

    03586e23f1a37a4d85fe6a626d7b4af3c0041f4ea304dcb695bc6e03d525b6e1

  • SHA512

    9d5fe7bd4745d8fc3693a0bf482ae26b07ab4a529bb8fc8b8ed355c304f547c1520e15a57272c23a713cba8252abe58160d07088c474af144d8226a83c49b05a

  • SSDEEP

    12288:tuBdmV5bzGwzHGwTHbnH1BrCHkn7CwzRhWQCHi:tuDCQwiwH1BWnghWHi

Score
10/10

Malware Config

Targets

    Score
    10/10
    • Guloader, Cloudeye

      A shellcode based downloader first seen in 2020.

    • Checks QEMU agent file

      Checks presence of QEMU agent, possibly to detect virtualization.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks