General

  • Target

    Cumacean.exe

  • Size

    234KB

  • Sample

    240510-jgtryaeb32

  • MD5

    d9ad627096015371e1d4db92375bc6ff

  • SHA1

    c625bbef9ca680e05e6d426ef1417086d059cd94

  • SHA256

    1f7f8fa2a0d1850a1753edd61fc2ddfd67031a15b65929469c044dc8c751de03

  • SHA512

    9573885810921efacaa924e48069cd04adbc0f1003a94318734233a570c495d91f6e1dc6ab02e078ebd17cdceb1a616636f6799dc737aae281e9cd4681df6aa3

  • SSDEEP

    6144:Ek62PBHbekcwi+GGKPNYLsJbRGryWCP3fI/C:BpaGgvfRRGrK4a

Score
10/10

Malware Config

Targets

    • Target

      Cumacean.exe

    • Size

      234KB

    • MD5

      d9ad627096015371e1d4db92375bc6ff

    • SHA1

      c625bbef9ca680e05e6d426ef1417086d059cd94

    • SHA256

      1f7f8fa2a0d1850a1753edd61fc2ddfd67031a15b65929469c044dc8c751de03

    • SHA512

      9573885810921efacaa924e48069cd04adbc0f1003a94318734233a570c495d91f6e1dc6ab02e078ebd17cdceb1a616636f6799dc737aae281e9cd4681df6aa3

    • SSDEEP

      6144:Ek62PBHbekcwi+GGKPNYLsJbRGryWCP3fI/C:BpaGgvfRRGrK4a

    Score
    10/10
    • Guloader,Cloudeye

      A shellcode based downloader first seen in 2020.

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    • Target

      $PLUGINSDIR/Banner.dll

    • Size

      3KB

    • MD5

      ab67c38251627bdd59af50c52deda52c

    • SHA1

      2eaf5464a294a5c5aa77ae757893be6f59e0e087

    • SHA256

      37f3514571476a739a26d86bf0bfb7f41f7a56fc30a9bf43f9381d0eb4df22d6

    • SHA512

      b9af9182d4f15cfb8547fc93ecd17aa95c2c65fe45b41c8fdb25752f54bfce397b371dae3a31e15f697047f8037c34e88daa83867d96e93cade57737c9b35afd

    Score
    1/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      55f18cafe28167995629fdeae4f07bdf

    • SHA1

      a6bd9310f4408c86149993d1e8833d35dd16bb23

    • SHA256

      e32b35cde7c6e2c967445de92884684db7fda506ea52b9aaa74c1a33dd2fdfe6

    • SHA512

      113e7a9e1958bea6a045a7120adf6c667880b9b1d90ff7790e2004f3954f9358a5e44ceb6be0c3b32ff8e6a06878a0f22be7206d0b5a6c5392ca30b8c3bff8ce

    • SSDEEP

      192:sj9rQDenC9VrcK7REgSWOprANupQYLRszDDH/d9CWlXo7U6YV:qJQEaVAK7R9SfpjpQYLRszfH/d9CWB1j

    Score
    3/10
    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      9KB

    • MD5

      f294cfefcf2f306696944427ef551de5

    • SHA1

      6ae91bc7706e0dc0e882f2648277ffc9437a5f8b

    • SHA256

      b170d492cedc29719d27092c29ae1c71bc0b4d9c7df5707b44ac748bc394967f

    • SHA512

      da8b57a3b9256aa6f5e8a33399eea9fb154f9463dfcb297b67419f540049cca9450ce81fe5d3dffad3d8708f300c9453d64add8e81e8dd48b6bae0f1053f116e

    • SSDEEP

      96:jWIKf21CuHq37MPuQ7rA9auHav8ZwK03cONByZyImHcAqgvB05CZnthgve9QIpKd:jW5Om342wrA5apH3/NYmciACZUApU

    Score
    3/10
    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      6KB

    • MD5

      6b174eb4d11c11ad5d8c8653f09e60c3

    • SHA1

      222b75fa7c03707d8664817a2fd7db142f33867b

    • SHA256

      b4ec96eda12eb0cbd593d4a65bb9ebb9055244f16a19dc976ba57bc552763419

    • SHA512

      3d847f863b367b7822a3a2422846bb15d5f68408af937224e19cf0f5fed8632738701d42d1f3a251b9ed69b3ce1a1698314698ac22a14ef38504415daf5aca09

    • SSDEEP

      96:znYPt4Vl/7Lo1UBrob9ljNEUgD7cyuM1x9XkraK2A2KA4e3VUxQvLL1mKZ:7YPt4Vlw1Iul5J8T1vK20m3VUaLL1l

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks
