Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

8634a3db54...79.exe

windows7-x64

7

8634a3db54...79.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8634a3db542e996337729ffab3913e48633f6422d1cde9a6f743a42a3bf75679.exe

  • Size

    814KB

  • Sample

    240229-f9j7esga42

  • MD5

    daeeb64bc3b2ca69d5062b932d9f5486

  • SHA1

    d958e304dbd45b11f414034799e005510ff2d94d

  • SHA256

    8634a3db542e996337729ffab3913e48633f6422d1cde9a6f743a42a3bf75679

  • SHA512

    6db8fc36dfd4b0ce9c4e15f27c25760cd361f78bffbc8e39796f846f324b58fb90800fe9ca6c1f2e35f415ae7ba880730aeaa4a90621bb1634b7c12e04742d0a

  • SSDEEP

    12288:6JTQdb6aT/+OkC2WOPASrfuhheB0IyXUJW+QiAukU30+9Ir/CSQC:mTQdb6aTfkC2WOIOI4qIwUk+T/G/CA

Score
7/10

Malware Config

Targets

    • Target

      8634a3db542e996337729ffab3913e48633f6422d1cde9a6f743a42a3bf75679.exe

    • Size

      814KB

    • MD5

      daeeb64bc3b2ca69d5062b932d9f5486

    • SHA1

      d958e304dbd45b11f414034799e005510ff2d94d

    • SHA256

      8634a3db542e996337729ffab3913e48633f6422d1cde9a6f743a42a3bf75679

    • SHA512

      6db8fc36dfd4b0ce9c4e15f27c25760cd361f78bffbc8e39796f846f324b58fb90800fe9ca6c1f2e35f415ae7ba880730aeaa4a90621bb1634b7c12e04742d0a

    • SSDEEP

      12288:6JTQdb6aT/+OkC2WOPASrfuhheB0IyXUJW+QiAukU30+9Ir/CSQC:mTQdb6aTfkC2WOIOI4qIwUk+T/G/CA

    Score
    7/10

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtCreateThreadExHideFromDebugger

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      2ae993a2ffec0c137eb51c8832691bcb

    • SHA1

      98e0b37b7c14890f8a599f35678af5e9435906e1

    • SHA256

      681382f3134de5c6272a49dd13651c8c201b89c247b471191496e7335702fa59

    • SHA512

      2501371eb09c01746119305ba080f3b8c41e64535ff09cee4f51322530366d0bd5322ea5290a466356598027e6cda8ab360caef62dcaf560d630742e2dd9bcd9

    • SSDEEP

      192:vPtkumJX7zB22kGwfy0mtVgkCPOsE1un:k702k5qpdsEQn

    Score
    3/10
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      6KB

    • MD5

      b648c78981c02c434d6a04d4422a6198

    • SHA1

      74d99eed1eae76c7f43454c01cdb7030e5772fc2

    • SHA256

      3e3d516d4f28948a474704d5dc9907dbe39e3b3f98e7299f536337278c59c5c9

    • SHA512

      219c88c0ef9fd6e3be34c56d8458443e695badd27861d74c486143306a94b8318e6593bf4da81421e88e4539b238557dd4fe1f5bedf3ecec59727917099e90d2

    • SSDEEP

      96:U7GUxNkO6GR0t9GKKr1Zd8NHYVVHp4dEeY3kRnHdMqqyVgNN3e:mXhHR0aTQN4gRHdMqJVgNE

    Score
    3/10
    behavioral5behavioral6

MITRE ATT&CK Enterprise v15

Tasks