Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    3d04fa4b6ab36cf449cd1409151eaac4fa3568d9cd3218c549024ef537d7f6f5.exe

  • Size

    637KB

  • Sample

    240305-pgldfsee21

  • MD5

    e1f8774423b74f716eeb43a8a88d4737

  • SHA1

    c794a7eed3125ea710c53659eda0ab706d93b35a

  • SHA256

    3d04fa4b6ab36cf449cd1409151eaac4fa3568d9cd3218c549024ef537d7f6f5

  • SHA512

    0ccdf7cd625d757e411167edb586cbf69314d07e7984fe65f7dc0c83409c842c0e26b19a7d49968ce4c7369fc7f24291ba7492c49851199bbfc912284184c587

  • SSDEEP

    12288:jkydrAVNQDJ/ZWGt2S1fFdZy2NYajr9glb9QgpF6qXGDYGOUIW90y:vdrAVNQt/ZVESRVNhP9gl9Q9ZvxtJ

Score
7/10

Malware Config

Targets

    • Target

      3d04fa4b6ab36cf449cd1409151eaac4fa3568d9cd3218c549024ef537d7f6f5.exe

    • Size

      637KB

    • MD5

      e1f8774423b74f716eeb43a8a88d4737

    • SHA1

      c794a7eed3125ea710c53659eda0ab706d93b35a

    • SHA256

      3d04fa4b6ab36cf449cd1409151eaac4fa3568d9cd3218c549024ef537d7f6f5

    • SHA512

      0ccdf7cd625d757e411167edb586cbf69314d07e7984fe65f7dc0c83409c842c0e26b19a7d49968ce4c7369fc7f24291ba7492c49851199bbfc912284184c587

    • SSDEEP

      12288:jkydrAVNQDJ/ZWGt2S1fFdZy2NYajr9glb9QgpF6qXGDYGOUIW90y:vdrAVNQt/ZVESRVNhP9gl9Q9ZvxtJ

    Score
    7/10
    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtCreateThreadExHideFromDebugger

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      fc90dfb694d0e17b013d6f818bce41b0

    • SHA1

      3243969886d640af3bfa442728b9f0dff9d5f5b0

    • SHA256

      7fe77ca13121a113c59630a3dba0c8aaa6372e8082393274da8f8608c4ce4528

    • SHA512

      324f13aa7a33c6408e2a57c3484d1691ecee7c3c1366de2bb8978c8dc66b18425d8cab5a32d1702c13c43703e36148a022263de7166afdce141da2b01169f1c6

    • SSDEEP

      192:e/b2HS5ih/7i00eWz9T7PH6yeFcQMI5+Vw+EXWZ77dslFZk:ewSUmWw9T7MmnI5+/F7Kdk

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks