Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Behavioral task
behavioral1
Sample
8c18208998ce44c0b1bc34ca41af7e2a.exe
Resource
win7-20231215-en
General
-
Target
8c18208998ce44c0b1bc34ca41af7e2a
-
Size
5.8MB
-
MD5
8c18208998ce44c0b1bc34ca41af7e2a
-
SHA1
36bf8fb200a7a5d2e3f68a1e38ee3370357d670d
-
SHA256
9204d231692037fe3cf3ce5694569cad170d46514b8102b36ed5657cb8c0cc4b
-
SHA512
c9e843950e92ccb71f385e7c93048d610a8bba3390635d01775f8d362ee7244f9d4164894221c02b4a32af29145a2cb7fe372e005bbd5c6fcccf98f02cd771fc
-
SSDEEP
98304:pKvkW/bRTKTuwVgg3gnl/IVUs1jePsgzOSgz9Mj4jhSHaHgg3gnl/IVUs1jePs:AsW/bRTmuwjgl/iBiPK5rjgalgl/iBiP
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8c18208998ce44c0b1bc34ca41af7e2a
Files
-
8c18208998ce44c0b1bc34ca41af7e2a.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 3.6MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 135KB - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE