Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

c5c6c2ca40...3b.exe

windows7-x64

10

c5c6c2ca40...3b.exe

windows10-2004-x64

10

Biomolecul...id.ps1

windows7-x64

8

Biomolecul...id.ps1

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c5c6c2ca40239d1546571d3bf9c0f8c00786d5a3ea23c185ab3fccd65001303b

  • Size

    678KB

  • Sample

    240326-cbemhaed6z

  • MD5

    7d137e6d226fbac1929470bad2e491a4

  • SHA1

    8ade719638ad770b75f056515a9ba9b002e173cc

  • SHA256

    c5c6c2ca40239d1546571d3bf9c0f8c00786d5a3ea23c185ab3fccd65001303b

  • SHA512

    94ac28a918371eef7db0b87724a95f802fb8f50ad02372ae71b1c75c283bb51d714395c8ac19c05d20362b3756f66227c0354c5da135844341ee36603f4c30e8

  • SSDEEP

    12288:FLTA8PHO5mU0It6qqHfB3VhOR+p67OhZv2SI3u:9TA8PO5mU16/HtjDhZH

Score
10/10
guloaderdownloaderpersistence

Malware Config

Targets

    • Target

      c5c6c2ca40239d1546571d3bf9c0f8c00786d5a3ea23c185ab3fccd65001303b

    • Size

      678KB

    • MD5

      7d137e6d226fbac1929470bad2e491a4

    • SHA1

      8ade719638ad770b75f056515a9ba9b002e173cc

    • SHA256

      c5c6c2ca40239d1546571d3bf9c0f8c00786d5a3ea23c185ab3fccd65001303b

    • SHA512

      94ac28a918371eef7db0b87724a95f802fb8f50ad02372ae71b1c75c283bb51d714395c8ac19c05d20362b3756f66227c0354c5da135844341ee36603f4c30e8

    • SSDEEP

      12288:FLTA8PHO5mU0It6qqHfB3VhOR+p67OhZv2SI3u:9TA8PO5mU16/HtjDhZH

    Score
    10/10
    guloaderdownloader

    • Guloader,Cloudeye

      A shellcode based downloader first seen in 2020.

      downloaderguloader

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

    • Target

      Biomolecule/Shopmaid.Gra

    • Size

      61KB

    • MD5

      d003bc3b0862bfceec3a0869b7872b8a

    • SHA1

      477a3475ffe393390c6faf530887d0d162662feb

    • SHA256

      994c3a38ec25e17024e4260571b946d006aac11fcceb754bc68e18d13c394b51

    • SHA512

      ae2a0a61e7d03afd55ede91c0712d89fa9b4504ac9b5db23a7e5f30d8a1fb226e71e9c6383bd1ec55b15cef61e952124b44f77cafd74aa5af4db6d7a92dab88a

    • SSDEEP

      1536:tMfur/H2ttlMwEcdJwK7OqcgwwO+5DPMEi18:Q8f2BMojUqXNAh8

    Score
    8/10
    persistence

    • Modifies Installed Components in the registry

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks