General
Target: bed1366b4384c6cb82e23b25cf687d16
Size: 506KB
Sample: 240310-rlc9raec47
MD5: bed1366b4384c6cb82e23b25cf687d16
SHA1: 04fb4a022440efe44bcd47e413d5554e1ea9e038
SHA256: 7b0e6677c380db79e30a8d2c658424e2b5d7104f05c4465b6c98f772e9d514f3
SHA512: 24bd466a8dc902ca930d304a5d8c2cc0770f7d4ab848987e4fe42dae0cbbf284b8d59e60c3cc16769f164195cc55e92a8fff51188a1a57872d12f17df8a60fae
SSDEEP: 12288:QvZUMqaR47sQ3V0qDLGinvFQpf9ZpvhkdA2Bd+Sy:QT2sQ3hDiiYpv2dQ
Static task: static1
Behavioral task: behavioral1
Sample: bed1366b4384c6cb82e23b25cf687d16.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: bed1366b4384c6cb82e23b25cf687d16.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: bed1366b4384c6cb82e23b25cf687d16
Score: 7/10
Deletes itself
Executes dropped EXE
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2
Suspicious use of NtSetInformationThreadHideFromDebugger