General

  • Target

    35fa730adfdd0b15211d9bc04950f44d90daa9e72bb945d1158906b15fdde7c7

  • Size

    1.9MB

  • Sample

    240220-ffckgsbc4s

  • MD5

    91daf47ec23bdc6e075f0b4d81f9d6c7

  • SHA1

    3c4ffceccf97568efeff3939f51a12bbee63f6af

  • SHA256

    35fa730adfdd0b15211d9bc04950f44d90daa9e72bb945d1158906b15fdde7c7

  • SHA512

    c1ca51f839569bff829e3fd1e21d900833126cd320a7a36c74c149e5dc4a35ba61254dc6860ec51debb2b0ac91817639757d08bd34f8d7366ec1c9ba4f5eec96

  • SSDEEP

    49152:2NVoFnW4i20zpdFRmgXBlLkHSCZ3aQx3PSGFivxfQhIrdY4I:/nW4iZ9dFwgXfLkHtZn3tF4xYh99

Score
7/10

Malware Config

Targets

    • Target

      35fa730adfdd0b15211d9bc04950f44d90daa9e72bb945d1158906b15fdde7c7

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of SetThreadContext
