Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

d5ed4a3a22...b6.exe

windows7-x64

7

d5ed4a3a22...b6.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d5ed4a3a224d5d11c4e76addbe7521b6

  • Size

    506KB

  • Sample

    240319-mxgn4aab36

  • MD5

    d5ed4a3a224d5d11c4e76addbe7521b6

  • SHA1

    d80e383b1d3be309747192a78e8fcb40633516de

  • SHA256

    08618c093dd700ad82e25951f939f20760a3de7538f2c102e71bb33e0038c465

  • SHA512

    77512ac60bfd0ab0b1c681482b437a48cb5078406fba8f6f4cc8717a95a88738eea0d8571f901d0ed1c126718783a6300f4f5883e458b2ddd6c22c34209627e0

  • SSDEEP

    6144:/LFumn+U1yFVeBjSU5jpL0C2Y+qOk8rE/8nBr2kYwl5R7rOmzg7xK8dyq7m363tx:Bu2+UhSCL0CL8QUcBqRnpExpyqs5s58W

Score
7/10

Malware Config

Targets

    • Target

      d5ed4a3a224d5d11c4e76addbe7521b6

    • Size

      506KB

    • MD5

      d5ed4a3a224d5d11c4e76addbe7521b6

    • SHA1

      d80e383b1d3be309747192a78e8fcb40633516de

    • SHA256

      08618c093dd700ad82e25951f939f20760a3de7538f2c102e71bb33e0038c465

    • SHA512

      77512ac60bfd0ab0b1c681482b437a48cb5078406fba8f6f4cc8717a95a88738eea0d8571f901d0ed1c126718783a6300f4f5883e458b2ddd6c22c34209627e0

    • SSDEEP

      6144:/LFumn+U1yFVeBjSU5jpL0C2Y+qOk8rE/8nBr2kYwl5R7rOmzg7xK8dyq7m363tx:Bu2+UhSCL0CL8QUcBqRnpExpyqs5s58W

    Score
    7/10

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks