Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

PO# ROSIT�...40.exe

windows7-x64

10

PO# ROSIT�...40.exe

windows10-2004-x64

10

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    15042024_1736_15042024_PO# ROSIT MR2309040.rar

  • Size

    611KB

  • Sample

    240415-lk29labb98

  • MD5

    a5b8e26033a105aa5e05cded5a93cd2a

  • SHA1

    e4165f902de236fb26922a47fea6472bd0962c13

  • SHA256

    5fa45df110fa3297cf9a6b980f8a8183569ce96b511bbe7d9cef1491ccca2136

  • SHA512

    1dd85e9a7801f4f89e4673ae5ac94e353ba66eb7d70530621a5edc26d931aa42ff17ba7ea0644438c8f7c7f122127aec0c4990960339519c2836088cfe289328

  • SSDEEP

    12288:QcfQ92YQSYcnip942xtRtT5CyPscnRm5sMMVqErsYkWL/O3Sn4Gwf5a:QgDSYcnTMtVtsb5IOWcS4G25a

Score
10/10
guloaderdownloader

Malware Config

Targets

    • Target

      PO# ROSIT MR2309040.exe

    • Size

      761KB

    • MD5

      9cca6c27ab4c2d57ffb57973de78658c

    • SHA1

      961a879187aa8d7665cb00bbbfddcf67bce4172c

    • SHA256

      051cb37b130a5af6e0fdcedbcbf67901e45baf9a99cf81e106b0e72e4ef2f6b9

    • SHA512

      afca46b53e037e1872f4810c45ac0561bcef96b7dffc34bfd697082228934f66a5ea949b578a28f9d1e1b6ee4698e639dc2f4ed4769eec2aa9ad55382ba91461

    • SSDEEP

      12288:Zgf3/HvEqA4wXuyo86ii63KnVdZsfZhgZ7q+V9qKWLZrEGg29fiuhx:83/PE0weyorI6nzOfZq7S+o9v

    Score
    10/10
    guloaderdownloader

    • Guloader,Cloudeye

      A shellcode based downloader first seen in 2020.

      downloaderguloader

    • Loads dropped DLL

    • Suspicious use of NtCreateThreadExHideFromDebugger

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      a4dd044bcd94e9b3370ccf095b31f896

    • SHA1

      17c78201323ab2095bc53184aa8267c9187d5173

    • SHA256

      2e226715419a5882e2e14278940ee8ef0aa648a3ef7af5b3dc252674111962bc

    • SHA512

      87335a43b9ca13e1300c7c23e702e87c669e2bcf4f6065f0c684fc53165e9c1f091cc4d79a3eca3910f0518d3b647120ac0be1a68eaade2e75eaa64adfc92c5a

    • SSDEEP

      192:em24sihno00Wfl97nH6T2enXwWobpWBTU4VtHT7dmN35OlESl:m8QIl975eXqlWBrz7YLOlE

    Score
    3/10
    behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks