General
-
Target
15042024_1736_15042024_PO# ROSIT MR2309040.rar
-
Size
611KB
-
Sample
240415-lk29labb98
-
MD5
a5b8e26033a105aa5e05cded5a93cd2a
-
SHA1
e4165f902de236fb26922a47fea6472bd0962c13
-
SHA256
5fa45df110fa3297cf9a6b980f8a8183569ce96b511bbe7d9cef1491ccca2136
-
SHA512
1dd85e9a7801f4f89e4673ae5ac94e353ba66eb7d70530621a5edc26d931aa42ff17ba7ea0644438c8f7c7f122127aec0c4990960339519c2836088cfe289328
-
SSDEEP
12288:QcfQ92YQSYcnip942xtRtT5CyPscnRm5sMMVqErsYkWL/O3Sn4Gwf5a:QgDSYcnTMtVtsb5IOWcS4G25a
Static task
static1
Behavioral task
behavioral1
Sample
PO# ROSIT MR2309040.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
PO# ROSIT MR2309040.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240221-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
PO# ROSIT MR2309040.exe
-
Size
761KB
-
MD5
9cca6c27ab4c2d57ffb57973de78658c
-
SHA1
961a879187aa8d7665cb00bbbfddcf67bce4172c
-
SHA256
051cb37b130a5af6e0fdcedbcbf67901e45baf9a99cf81e106b0e72e4ef2f6b9
-
SHA512
afca46b53e037e1872f4810c45ac0561bcef96b7dffc34bfd697082228934f66a5ea949b578a28f9d1e1b6ee4698e639dc2f4ed4769eec2aa9ad55382ba91461
-
SSDEEP
12288:Zgf3/HvEqA4wXuyo86ii63KnVdZsfZhgZ7q+V9qKWLZrEGg29fiuhx:83/PE0weyorI6nzOfZq7S+o9v
Score 10/10
Loads dropped DLL
-
Suspicious use of NtCreateThreadExHideFromDebugger
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-
-
-
Target
$PLUGINSDIR/System.dll
-
Size
11KB
-
MD5
a4dd044bcd94e9b3370ccf095b31f896
-
SHA1
17c78201323ab2095bc53184aa8267c9187d5173
-
SHA256
2e226715419a5882e2e14278940ee8ef0aa648a3ef7af5b3dc252674111962bc
-
SHA512
87335a43b9ca13e1300c7c23e702e87c669e2bcf4f6065f0c684fc53165e9c1f091cc4d79a3eca3910f0518d3b647120ac0be1a68eaade2e75eaa64adfc92c5a
-
SSDEEP
192:em24sihno00Wfl97nH6T2enXwWobpWBTU4VtHT7dmN35OlESl:m8QIl975eXqlWBrz7YLOlE
Score 3/10