Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

bc9734c2cc...5e.exe

windows7-x64

10

bc9734c2cc...5e.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bc9734c2cc8f0ce729606a1094139e5e

  • Size

    11.7MB

  • Sample

    240309-xypq7sfh88

  • MD5

    bc9734c2cc8f0ce729606a1094139e5e

  • SHA1

    9ba350559fdc66ad89cfaa88374dddcefd49ea37

  • SHA256

    dc9b51704541b43494bab704763d5f593a560cd758fd8d1aba1817a9a4ebd6b5

  • SHA512

    ed704ce7597efd3cb4e1ebb7acb3dacbc53f4f0819cf800ead36a07c7044d01115994303b467330ccd7c9a07bd40f46279ccb05abc528508bb41a86187885040

  • SSDEEP

    24576:ajCj10HSqGgeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeO:a/D

Score
10/10
tofseeevasionpersistencetrojan

Malware Config

Extracted

Family

tofsee

C2

defeatwax.ru

refabyd.info

Targets

    • Target

      bc9734c2cc8f0ce729606a1094139e5e

    • Size

      11.7MB

    • MD5

      bc9734c2cc8f0ce729606a1094139e5e

    • SHA1

      9ba350559fdc66ad89cfaa88374dddcefd49ea37

    • SHA256

      dc9b51704541b43494bab704763d5f593a560cd758fd8d1aba1817a9a4ebd6b5

    • SHA512

      ed704ce7597efd3cb4e1ebb7acb3dacbc53f4f0819cf800ead36a07c7044d01115994303b467330ccd7c9a07bd40f46279ccb05abc528508bb41a86187885040

    • SSDEEP

      24576:ajCj10HSqGgeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeO:a/D

    Score
    10/10
    tofseeevasionpersistencetrojan

    • Tofsee

      Backdoor/botnet which carries out malicious activities based on commands from a C2 server.

      trojantofsee

    • Windows security bypass

      evasiontrojan

    • Creates new service(s)

      persistence

    • Modifies Windows Firewall

      evasion

    • Sets service image path in registry

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.