General

  • Target: Cumacean.exe
  • Size: 234KB
  • Sample: 240510-jgtryaeb32
  • MD5: d9ad627096015371e1d4db92375bc6ff
  • SHA1: c625bbef9ca680e05e6d426ef1417086d059cd94
  • SHA256: 1f7f8fa2a0d1850a1753edd61fc2ddfd67031a15b65929469c044dc8c751de03
  • SHA512: 9573885810921efacaa924e48069cd04adbc0f1003a94318734233a570c495d91f6e1dc6ab02e078ebd17cdceb1a616636f6799dc737aae281e9cd4681df6aa3
  • SSDEEP: 6144:Ek62PBHbekcwi+GGKPNYLsJbRGryWCP3fI/C:BpaGgvfRRGrK4a

Score: 10/10

Malware Config

Targets

    • Target: Cumacean.exe (the submitted sample; its size and hashes are listed under General above)
    Score: 10/10
    • Guloader, Cloudeye: a shellcode-based downloader first seen in 2020.
    • Loads dropped DLL
    • Drops file in System32 directory
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious use of SetThreadContext

    • Target: $PLUGINSDIR/Banner.dll
    • Size: 3KB
    • MD5: ab67c38251627bdd59af50c52deda52c
    • SHA1: 2eaf5464a294a5c5aa77ae757893be6f59e0e087
    • SHA256: 37f3514571476a739a26d86bf0bfb7f41f7a56fc30a9bf43f9381d0eb4df22d6
    • SHA512: b9af9182d4f15cfb8547fc93ecd17aa95c2c65fe45b41c8fdb25752f54bfce397b371dae3a31e15f697047f8037c34e88daa83867d96e93cade57737c9b35afd
    Score: 1/10

    • Target: $PLUGINSDIR/System.dll
    • Size: 11KB
    • MD5: 55f18cafe28167995629fdeae4f07bdf
    • SHA1: a6bd9310f4408c86149993d1e8833d35dd16bb23
    • SHA256: e32b35cde7c6e2c967445de92884684db7fda506ea52b9aaa74c1a33dd2fdfe6
    • SHA512: 113e7a9e1958bea6a045a7120adf6c667880b9b1d90ff7790e2004f3954f9358a5e44ceb6be0c3b32ff8e6a06878a0f22be7206d0b5a6c5392ca30b8c3bff8ce
    • SSDEEP: 192:sj9rQDenC9VrcK7REgSWOprANupQYLRszDDH/d9CWlXo7U6YV:qJQEaVAK7R9SfpjpQYLRszfH/d9CWB1j
    Score: 3/10

    • Target: $PLUGINSDIR/nsDialogs.dll
    • Size: 9KB
    • MD5: f294cfefcf2f306696944427ef551de5
    • SHA1: 6ae91bc7706e0dc0e882f2648277ffc9437a5f8b
    • SHA256: b170d492cedc29719d27092c29ae1c71bc0b4d9c7df5707b44ac748bc394967f
    • SHA512: da8b57a3b9256aa6f5e8a33399eea9fb154f9463dfcb297b67419f540049cca9450ce81fe5d3dffad3d8708f300c9453d64add8e81e8dd48b6bae0f1053f116e
    • SSDEEP: 96:jWIKf21CuHq37MPuQ7rA9auHav8ZwK03cONByZyImHcAqgvB05CZnthgve9QIpKd:jW5Om342wrA5apH3/NYmciACZUApU
    Score: 3/10

    • Target: $PLUGINSDIR/nsExec.dll
    • Size: 6KB
    • MD5: 6b174eb4d11c11ad5d8c8653f09e60c3
    • SHA1: 222b75fa7c03707d8664817a2fd7db142f33867b
    • SHA256: b4ec96eda12eb0cbd593d4a65bb9ebb9055244f16a19dc976ba57bc552763419
    • SHA512: 3d847f863b367b7822a3a2422846bb15d5f68408af937224e19cf0f5fed8632738701d42d1f3a251b9ed69b3ce1a1698314698ac22a14ef38504415daf5aca09
    • SSDEEP: 96:znYPt4Vl/7Lo1UBrob9ljNEUgD7cyuM1x9XkraK2A2KA4e3VUxQvLL1mKZ:7YPt4Vlw1Iul5J8T1vK20m3VUaLL1l
    Score: 3/10

MITRE ATT&CK Enterprise v15

Tasks