Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
88b0e395af46237cc4e747d6fb72b66cb13c3ebb79e744f207c5220d82098c2a
-
Size
414KB
-
Sample
240114-2a1k1sddbl
-
MD5
53440afc9cd1ef21a952ecb0e71d2d41
-
SHA1
9ac171a2aa9d18c05e1cf2384dd0ec5f550898c4
-
SHA256
88b0e395af46237cc4e747d6fb72b66cb13c3ebb79e744f207c5220d82098c2a
-
SHA512
89f81df4d4358d2b97e804f73f95fc04450f716ea50c4f0c896f0df1295af30f0ebce4b3adbe193b42c118fb246e04ffb1bb689d6b31b776d4527d3412800632
-
SSDEEP
6144:5/nyPhSrJKNFAnQyGCeuXkJOldxZJVnoSFHiSOrpyYR3dPI:5/ny5gKNjEEJOldxZJySFCNr7PI
Malware Config
Extracted
https://drive.google.com/uc?export=download&id=1ogbCiwBaVXPjDHhV0GcZx3l_HoU1dbid
Targets
-
-
Target
88b0e395af46237cc4e747d6fb72b66cb13c3ebb79e744f207c5220d82098c2a
-
Size
414KB
-
MD5
53440afc9cd1ef21a952ecb0e71d2d41
-
SHA1
9ac171a2aa9d18c05e1cf2384dd0ec5f550898c4
-
SHA256
88b0e395af46237cc4e747d6fb72b66cb13c3ebb79e744f207c5220d82098c2a
-
SHA512
89f81df4d4358d2b97e804f73f95fc04450f716ea50c4f0c896f0df1295af30f0ebce4b3adbe193b42c118fb246e04ffb1bb689d6b31b776d4527d3412800632
-
SSDEEP
6144:5/nyPhSrJKNFAnQyGCeuXkJOldxZJVnoSFHiSOrpyYR3dPI:5/ny5gKNjEEJOldxZJySFCNr7PI
Score10/10-
UAC bypass
-
Blocklisted process makes network request
-
Drops file in Drivers directory
-
Executes dropped EXE
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-