General

  • Target: b11eac916daabd2924e16d9f4bac0b8760f608c8f23c9e98d2b0240526a00c59.exe
  • Size: 732KB
  • Sample: 240406-bxqq8ahb47
  • MD5: 8ff6d5c20b09737261248a3335ce8898
  • SHA1: 764fcf893e02ec25e46feac2cb88ae88b32be3a7
  • SHA256: b11eac916daabd2924e16d9f4bac0b8760f608c8f23c9e98d2b0240526a00c59
  • SHA512: 59a765ea56a7dd821f1f059d65785daefba05bb563be8fc82e71577be2ba12a224f0adc761b06188c6a437860cb91482b468b657dd4aa33f9b2fb9f525d87b2e
  • SSDEEP: 12288:Mo9HOyVpvKsdkVDik53lldigcOmTywmHBjLrAI:MGuyVpv7dkVDJ5VlcgcAwOrAI

Score: 10/10

Malware Config

Targets

    • Target: b11eac916daabd2924e16d9f4bac0b8760f608c8f23c9e98d2b0240526a00c59.exe
    • Size: 732KB
    • MD5: 8ff6d5c20b09737261248a3335ce8898
    • SHA1: 764fcf893e02ec25e46feac2cb88ae88b32be3a7
    • SHA256: b11eac916daabd2924e16d9f4bac0b8760f608c8f23c9e98d2b0240526a00c59
    • SHA512: 59a765ea56a7dd821f1f059d65785daefba05bb563be8fc82e71577be2ba12a224f0adc761b06188c6a437860cb91482b468b657dd4aa33f9b2fb9f525d87b2e
    • SSDEEP: 12288:Mo9HOyVpvKsdkVDik53lldigcOmTywmHBjLrAI:MGuyVpv7dkVDJ5VlcgcAwOrAI

    Score: 10/10
    • Guloader, Cloudeye

      A shellcode-based downloader first seen in 2020. The second target below, $PLUGINSDIR/System.dll, is the NSIS System plugin, which is consistent with the sample being an NSIS installer that unpacks and runs the loader.

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of NtSetInformationThreadHideFromDebugger (NtSetInformationThread with the ThreadHideFromDebugger class stops the calling thread from reporting debug events, a common anti-debugging step)

    • Suspicious use of SetThreadContext (rewriting another thread's register context is how a loader redirects execution into injected code, as in process hollowing or thread hijacking)

    • Target: $PLUGINSDIR/System.dll
    • Size: 12KB
    • MD5: 0d7ad4f45dc6f5aa87f606d0331c6901
    • SHA1: 48df0911f0484cbe2a8cdd5362140b63c41ee457
    • SHA256: 3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca
    • SHA512: c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9
    • SSDEEP: 192:1enY0LWelt70elWjvfstJcVtwtYbjnIOg5AaDnbC7ypXhtIj:18PJlt70esj0Mt9vn6ay6

    Score: 3/10
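As an added example (not part of the Triage report and not Triage's own tooling), the script below sanity-checks the indicators from the two target rows before they are loaded into a blocklist: each digest must be hex of the exact length its algorithm produces, the submitted file's name in this report is its SHA256 so the two should agree, and the two SSDEEP hashes can only be scored against each other if their block sizes are equal or differ by a factor of two (12288 versus 192 are not comparable, so a low ssdeep score between them would mean nothing). The indicator values are copied from the report; the function and dictionary names are my own, and the empty-input digests used in the usage check are the well-known constants.

```python
import hashlib
import re
from typing import Optional

# Hex digest lengths per algorithm (added example; not Triage code).
DIGEST_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}
HEX_RE = re.compile(r"^[0-9a-f]+$")
# ssdeep format: "<blocksize>:<chunk>:<double_chunk>"; chunks use the base64 alphabet.
SSDEEP_RE = re.compile(r"^(\d+):([0-9A-Za-z+/]*):([0-9A-Za-z+/]*)$")

# Indicator rows copied from the report above (dictionary names are my own).
MAIN = {
    "target": "b11eac916daabd2924e16d9f4bac0b8760f608c8f23c9e98d2b0240526a00c59.exe",
    "md5": "8ff6d5c20b09737261248a3335ce8898",
    "sha1": "764fcf893e02ec25e46feac2cb88ae88b32be3a7",
    "sha256": "b11eac916daabd2924e16d9f4bac0b8760f608c8f23c9e98d2b0240526a00c59",
    "sha512": "59a765ea56a7dd821f1f059d65785daefba05bb563be8fc82e71577be2ba12a2"
              "24f0adc761b06188c6a437860cb91482b468b657dd4aa33f9b2fb9f525d87b2e",
    "ssdeep": "12288:Mo9HOyVpvKsdkVDik53lldigcOmTywmHBjLrAI:MGuyVpv7dkVDJ5VlcgcAwOrAI",
}
DLL = {
    "target": "$PLUGINSDIR/System.dll",
    "md5": "0d7ad4f45dc6f5aa87f606d0331c6901",
    "sha1": "48df0911f0484cbe2a8cdd5362140b63c41ee457",
    "sha256": "3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca",
    "sha512": "c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b09"
              "3645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9",
    "ssdeep": "192:1enY0LWelt70elWjvfstJcVtwtYbjnIOg5AaDnbC7ypXhtIj:18PJlt70esj0Mt9vn6ay6",
}


def valid_digest(algo: str, value: str) -> bool:
    """True only for lowercase hex of exactly the length the algorithm produces."""
    v = value.strip().lower()
    return len(v) == DIGEST_LEN[algo] and HEX_RE.match(v) is not None


def parse_ssdeep(value: str) -> Optional[tuple]:
    """Split an ssdeep string into (blocksize, chunk, double_chunk); None if malformed."""
    m = SSDEEP_RE.match(value.strip())
    return (int(m.group(1)), m.group(2), m.group(3)) if m else None


def ssdeep_comparable(a: str, b: str) -> bool:
    """ssdeep only scores two hashes whose block sizes are equal or differ by exactly 2x."""
    pa, pb = parse_ssdeep(a), parse_ssdeep(b)
    if pa is None or pb is None:
        return False
    return pa[0] == pb[0] or pa[0] == 2 * pb[0] or pb[0] == 2 * pa[0]


def name_matches_sha256(target: str, sha256: str) -> bool:
    """In this report the submitted file is named <sha256>.exe; dropped files keep their own names."""
    return target.rsplit(".", 1)[0].lower() == sha256.lower()


def validate_row(row: dict) -> list:
    """Problems found in one target row; an empty list means it is safe to load."""
    problems = []
    for algo in DIGEST_LEN:
        if algo in row and not valid_digest(algo, row[algo]):
            problems.append(f"{algo}: malformed digest")
    if "ssdeep" in row and parse_ssdeep(row["ssdeep"]) is None:
        problems.append("ssdeep: malformed")
    return problems


def digests_of(data: bytes) -> dict:
    """Compute the four digests the report lists, for checking a local copy of a file."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in DIGEST_LEN}


def matches_row(data: bytes, row: dict) -> bool:
    """True if every digest present in the row matches the given bytes."""
    got = digests_of(data)
    return all(got[a] == row[a].lower() for a in DIGEST_LEN if a in row)


if __name__ == "__main__":
    for row in (MAIN, DLL):
        print(row["target"], validate_row(row) or "ok")
    print("main target named by its SHA256:", name_matches_sha256(MAIN["target"], MAIN["sha256"]))
    print("ssdeep hashes comparable:", ssdeep_comparable(MAIN["ssdeep"], DLL["ssdeep"]))
```

To check a file pulled from your own telemetry against the report, read it as bytes and call matches_row(data, MAIN); a mismatch on any one digest is enough to say it is not the same sample, while the ssdeep comparability check tells you in advance whether fuzzy matching against the DLL row is even meaningful.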

MITRE ATT&CK Enterprise v15

Tasks