General

  • Target: bf1b72b0469fe09e9e544ec62774f07d6c568aadb8aecbdbefe8b35d8e586c55
  • Size: 652KB
  • Sample: 240310-val93agg2v
  • MD5: 4f9d76ea7b2a35dd03a4c2f398c07329
  • SHA1: 223a687ff0525c2bb51c0b5c9c285efd3c700fc1
  • SHA256: bf1b72b0469fe09e9e544ec62774f07d6c568aadb8aecbdbefe8b35d8e586c55
  • SHA512: ee227a209e5167b015056ae640753d076a3ccf741d7d94588339af7c6611fd33243a33ee5e5d46b88f384fc4d2237f784efff718a8c59f55cadcb8bc4b2d9752
  • SSDEEP: 12288:13K4CdvtoL5XHL6f+MIo3SSkKMaZNsf6TcBHRNsZe7+843+Kr:13/evW9Xm+N4/4YcBR6Zeq84V

Score: 10/10

Malware Config

Targets

    • Target: bf1b72b0469fe09e9e544ec62774f07d6c568aadb8aecbdbefe8b35d8e586c55
    • Size: 652KB
    • MD5: 4f9d76ea7b2a35dd03a4c2f398c07329
    • SHA1: 223a687ff0525c2bb51c0b5c9c285efd3c700fc1
    • SHA256: bf1b72b0469fe09e9e544ec62774f07d6c568aadb8aecbdbefe8b35d8e586c55
    • SHA512: ee227a209e5167b015056ae640753d076a3ccf741d7d94588339af7c6611fd33243a33ee5e5d46b88f384fc4d2237f784efff718a8c59f55cadcb8bc4b2d9752
    • SSDEEP: 12288:13K4CdvtoL5XHL6f+MIo3SSkKMaZNsf6TcBHRNsZe7+843+Kr:13/evW9Xm+N4/4YcBR6Zeq84V

    Score: 10/10

    • Guloader, Cloudeye: a shellcode-based downloader first seen in 2020.
    • Loads dropped DLL
    • Drops file in System32 directory
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious use of SetThreadContext

    • Target: $PLUGINSDIR/nsExec.dll
    • Size: 7KB
    • MD5: 675c4948e1efc929edcabfe67148eddd
    • SHA1: f5bdd2c4329ed2732ecfe3423c3cc482606eb28e
    • SHA256: 1076ca39c449ed1a968021b76ef31f22a5692dfafeea29460e8d970a63c59906
    • SHA512: 61737021f86f54279d0a4e35db0d0808e9a55d89784a31d597f2e4b65b7bbeec99aa6c79d65258259130eeda2e5b2820f4f1247777a3010f2dc53e30c612a683
    • SSDEEP: 96:J9zdzBzMDByZtr/HDQIUIq9m6v6vBckzu9wSBpLEgvElHlernNQaSGYuH2DQ:JykDr/HA5v6G2IElFernNQZGdHW

    Score: 3/10

    • Target: Bundfradrag/Halvtredsindstyvendedels/Afproeve204/Slagterbnkes.Mel
    • Size: 26KB
    • MD5: 951d7e58392326261921f6f6e7835226
    • SHA1: a4c07552191b0f9f19e84c36ce3102768105f782
    • SHA256: 111b4163dc85878cdfb501f34e8868f1582b41c44f96423ec3df1ff3f191e7bb
    • SHA512: 13604f5cfcf612651fc5b01a9e3e03289ca3e4657ab96eff5b80c599508c819739fbbc709c80987e54b91a65239c6655c2e3a8434b239302e7d923667fc52fd4
    • SSDEEP: 768:iAzgtJCys7fTxT4pe9UYsTleBiujxVfges07:HzgyysTp4peJsTlIvrfgj07

    Score: 1/10

MITRE ATT&CK Enterprise v15

Tasks