Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

1

2024-06-16...ia.exe

windows7-x64

9

2024-06-16...ia.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-06-16_5ea16a96dedc46455952e864b7a1ce4f_floxif_mafia

  • Size

    2.6MB

  • Sample

    240616-bwt29axfjr

  • MD5

    5ea16a96dedc46455952e864b7a1ce4f

  • SHA1

    2fce632fd4a7db285a618b06079d92e207a6264f

  • SHA256

    87e07e112924f75af30d54dccedf83c3b7631d742a05f85fcd05c15fd151e440

  • SHA512

    ed76019004c74b75513340a1534c61210457e6db36912ff6b931df014ea7ad50e7391906cfcc165e0f3d6dd9eb44d926ce1493272682fb89dc35cc52fad1c146

  • SSDEEP

    49152:Kw6c5LN7VSjOmZ1viy920yqWrPlF3RyU9nxvG3bQYf9YFiEd2IRm0Smz4hJG:Yc5LN7CHZAy92iWrPlF3RyU9nhGLfsf7

Score
9/10
persistenceupx

Malware Config

Targets

    • Target

      2024-06-16_5ea16a96dedc46455952e864b7a1ce4f_floxif_mafia

    • Size

      2.6MB

    • MD5

      5ea16a96dedc46455952e864b7a1ce4f

    • SHA1

      2fce632fd4a7db285a618b06079d92e207a6264f

    • SHA256

      87e07e112924f75af30d54dccedf83c3b7631d742a05f85fcd05c15fd151e440

    • SHA512

      ed76019004c74b75513340a1534c61210457e6db36912ff6b931df014ea7ad50e7391906cfcc165e0f3d6dd9eb44d926ce1493272682fb89dc35cc52fad1c146

    • SSDEEP

      49152:Kw6c5LN7VSjOmZ1viy920yqWrPlF3RyU9nxvG3bQYf9YFiEd2IRm0Smz4hJG:Yc5LN7CHZAy92iWrPlF3RyU9nhGLfsf7

    Score
    9/10
    persistenceupx

    • UPX dump on OEP (original entry point)

    • Modifies AppInit DLL entries

      persistence

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks