General

  • Target

    KlarQB.exe

  • Size

    2.2MB

  • Sample

    240627-xr48bawapb

  • MD5

    cd5b23cdb79a3902e0cb3160bb1e9f0c

  • SHA1

    297ad3cd9a71e12e91b1b0305b6451b3586c043d

  • SHA256

    51530ca88b3a97b76fd6d0c2dcf3d51f9e9376b118d7403c011f2c16c37b9041

  • SHA512

    f189c7fddd6ceb86ad0b64800c6725222abad3f1969c993ec1cc3ae93c22f2fcdd3b0a12244d1fc562ece57a5b80088ffc5a066e7cf6418fdd5180c021f1c093

  • SSDEEP

    49152:WzNrex8VY6V83nLUXIK1zi8Ev9iI3mY/a6NwYc0X:oNi8i6V2L+J28+mY/akw

Score
8/10

Targets

    • Target

      KlarQB.exe

    Score
    8/10
    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.

    • Suspicious use of SetThreadContext
