General

  • Target

    5798aefb07e12a942672a60c2be101dc26b01485616713e8be1f68b321747f2f

  • Size

    442KB

  • Sample

    240225-jnh9safh3y

  • MD5

    c02689449a4ce73ec79a52595ab590f6

  • SHA1

    5908453afef391437c632ca0ce921dbf0c6e8bd5

  • SHA256

    5798aefb07e12a942672a60c2be101dc26b01485616713e8be1f68b321747f2f

  • SHA512

    86503802f69ab69ee18e5b8635ca9442867beed6b1547565bbc3bae12db51b7aa5ed1ed472a1c7278608a936747865f290297f78b729c249006ee6377cc86082

  • SSDEEP

    6144:RlDoHtgdupnzKELHSM0zAAFFOQVJ3hAkToXTOnRnN/jxrUmNAXRDfSZ8cPiKqpr/:Uj87domKxSZ8LKqm31uQHTbJ/ERp4Q5D

Score
10/10

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Executes dropped EXE

    • Suspicious use of SetThreadContext
