General

  • Target

    mortemsuck.dll

  • Size

    5.5MB

  • Sample

    240512-wk6xwscc42

  • MD5

    76d0869f111f717120806c6bc9fa4bc8

  • SHA1

    3441d2a2a14a2431fbc956216a4c2dad205a276a

  • SHA256

    b0dac6b9c202a2ad01739dbda54f1b8bc75d3afe018163ccea2985d08b1540ba

  • SHA512

    a58a6c1720823b5525403b01b1b8dfce7d8371092627ba1c72675d9500d858d7b81a7b3de6e1c4e2277bcca8ebfaa57fb59b393b0d1f5bc11999839b1bf81a1e

  • SSDEEP

    98304:2LXPyWbOPgpz+YGajRmKfbPViarfEQe4xyBqqVQ4LAayNuHTrRy:edOP1OUKjPVprf9e4cgaeuHvRy

Score
7/10

Targets

    • Target

      mortemsuck.dll

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
