Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    71b29326e25cd4536eccf0f66c41b229

  • Size

    1.0MB

  • Sample

    240124-jv3xrsddhn

  • MD5

    71b29326e25cd4536eccf0f66c41b229

  • SHA1

    10754a00be9726f05671f69d1790a7e797af87ab

  • SHA256

    7b9ed8b14141105159a339086596cc103523e615b309e53beb56e68fb82df384

  • SHA512

    c290be316da8c240aefdbfc447c673473036a5ed3458b2141f06b0e3309faf0a4b4af385fde8aba0970568f618bd0d0bec44264aef6c0914e76f5f101ffec089

  • SSDEEP

    24576:dvVoxa8cIWoSpaBFasuLcdm4RrU9hgauaEZsoVhka20y2o61yMWXQC+aSMysCP4V:ddoxa8cIWoSpaBFasuLcdrrU9hgauaEi

Score
10/10

Malware Config

Targets

    • Target

      71b29326e25cd4536eccf0f66c41b229

    • Size

      1.0MB

    • MD5

      71b29326e25cd4536eccf0f66c41b229

    • SHA1

      10754a00be9726f05671f69d1790a7e797af87ab

    • SHA256

      7b9ed8b14141105159a339086596cc103523e615b309e53beb56e68fb82df384

    • SHA512

      c290be316da8c240aefdbfc447c673473036a5ed3458b2141f06b0e3309faf0a4b4af385fde8aba0970568f618bd0d0bec44264aef6c0914e76f5f101ffec089

    • SSDEEP

      24576:dvVoxa8cIWoSpaBFasuLcdm4RrU9hgauaEZsoVhka20y2o61yMWXQC+aSMysCP4V:ddoxa8cIWoSpaBFasuLcdrrU9hgauaEi

    Score
    10/10
    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • ModiLoader Second Stage

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks