Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

RFQ-High Star.exe

windows7-x64

7

RFQ-High Star.exe

windows10-2004-x64

7

hzejkkd.exe

windows7-x64

7

hzejkkd.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    RFQ-High Star.exe

  • Size

    432KB

  • Sample

    240122-xwg9cacdej

  • MD5

    8f7596194540848a34760575eb00b636

  • SHA1

    bbb8ad4edae483048d9785e29b829fbfadcbd371

  • SHA256

    c3c08b94e956165562366c14e6ace4a5fe4c66edb0e47628ad94883e02f719ce

  • SHA512

    f280f059b1126b6107ffdaa59b84c72bf643ed6b2de2ffd448409cb91c744eb41838cd38c5062270a9fb2cb74d3f82320d532a709243001ea6dec0f07980e6df

  • SSDEEP

    6144:P8LxBfsjPzbYSQN5DGHGCPLJqzXhCni57u6IUGiTNJy59IDhN4Uy3Veyky43lWoW:esjbDQOHtkLhSy/aEV6UyoykL19in

Score
7/10
discovery

Malware Config

Targets

    • Target

      RFQ-High Star.exe

    • Size

      432KB

    • MD5

      8f7596194540848a34760575eb00b636

    • SHA1

      bbb8ad4edae483048d9785e29b829fbfadcbd371

    • SHA256

      c3c08b94e956165562366c14e6ace4a5fe4c66edb0e47628ad94883e02f719ce

    • SHA512

      f280f059b1126b6107ffdaa59b84c72bf643ed6b2de2ffd448409cb91c744eb41838cd38c5062270a9fb2cb74d3f82320d532a709243001ea6dec0f07980e6df

    • SSDEEP

      6144:P8LxBfsjPzbYSQN5DGHGCPLJqzXhCni57u6IUGiTNJy59IDhN4Uy3Veyky43lWoW:esjbDQOHtkLhSy/aEV6UyoykL19in

    Score
    7/10
    discovery

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies file permissions

      discovery

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

    • Target

      hzejkkd.exe

    • Size

      261KB

    • MD5

      6433e88c2c73b93e935c74e650fee81d

    • SHA1

      4293beea2045cf34746a003ebe779f2302a177f5

    • SHA256

      f16e83d67d23cae50e5c0b8881ff8206e4e73b026229396615d0b8bd2caec7b0

    • SHA512

      f3f1d02345034397ee5e7866ec9d3638f054e4395fe82cbf79bf10e0062ae70bce4d50ffeff018392f85b4799e3bd715780b670606a1decfbe34899805563db7

    • SSDEEP

      6144:C4KYr8wAStrwb6E/HtFdbr0vv5R2AJXN5WeSmkMud50:C4Ltrwb6E/HtFdbr0vv5RByeaMud5

    Score
    7/10
    discovery

    • Modifies file permissions

      discovery

    • Suspicious use of SetThreadContext

    behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks