General

  • Target

    Loader.exe

  • Size

    34.8MB

  • Sample

    240417-a8l2qsaf2z

  • MD5

    0e2fbb8ab3ebfb498c8e54990f362d47

  • SHA1

    a10dbcefd278892ab7dec3849db4fcf86e1fcea8

  • SHA256

    f122415acf09511fda3d52e1bed4ad68e43c20ec1c57960f15d5a0aa97f256fa

  • SHA512

    4642d43fb33110343b8d6727c5a92d05d2f3a6dd1754081b215ba8f0ed68d376082aa9ad1cdfa9e4f9dc1b2ee5b63ad41dcbcb5328514b5adc6df4886b25db58

  • SSDEEP

    49152:lVlZYUePctNXxBtO7oDJNXWxKPRzWVRIf/:lVl5k6NXxBnWxQRzWVR

Score
6/10

Targets

    • Target

      Loader.exe

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
