General
-
Target
c0ab8779a77a35685345f40cb15c794e5789a7215129b53930be356c670305df
-
Size
15.7MB
-
Sample
240628-ng3r3azbkj
-
MD5
1c2261c68f3884c6332f38516275557c
-
SHA1
919b30f56e551689ecbfed4d0bae6ac353f9c733
-
SHA256
c0ab8779a77a35685345f40cb15c794e5789a7215129b53930be356c670305df
-
SHA512
2986d15cd39b8ecf76697250aaad3a4ccff6f18d9be0faec310ebe5bda6cbc6d9e38fc28059de39999b7889a355191bc35e4b6a54ffe317dcfa6e3c643fe405e
-
SSDEEP
393216:DkgCbhWQ/ecpGkUoI9kV5qhTHMryN4uTk2vnRT2c2c6wChT6w:DklbacwnkV5qJMAJvnRTzSPT6w
Static task: static1
Behavioral task: behavioral1
  Sample: Outlook_4.83.901.0_20231017/outlka23.dll
  Resource: win7-20240508-en
Behavioral task: behavioral2
  Sample: Outlook_4.83.901.0_20231017/outlka23.dll
  Resource: win10v2004-20240611-en
Behavioral task: behavioral3
  Sample: Outlook_4.83.901.0_20231017/outlka64.dll
  Resource: win7-20240611-en
Behavioral task: behavioral4
  Sample: Outlook_4.83.901.0_20231017/outlka64.dll
  Resource: win10v2004-20240508-en
Malware Config
Targets
-
-
Target
Outlook_4.83.901.0_20231017/outlka23.dll
-
Size
2.5MB
-
MD5
9b5cc466186483554a3ee0c4fbd2bee7
-
SHA1
d4acb4c21fa3e6b3fe3e7bb94cbfcd6af448a350
-
SHA256
3b21b2dfd7b07d6c8b198e45d81abf8431e514b866707932976a16f15693f1ff
-
SHA512
458cb1fe705129f828d457e089dd9b022ab4675eeef11792fdcaf4f70da9f439882c29a5dc83bba31f893d2c9bf34c3c49b1437e7b074beeee202eecfda43e0b
-
SSDEEP
49152:GxtuksqLe7KWFlIyLfRcPZy9GEuPbP053:G5sqLeBIufRcPZU7
Score: 1/10
-
-
Target
Outlook_4.83.901.0_20231017/outlka64.dll
-
Size
5.9MB
-
MD5
20dba31f4e211f6bea144a0d2880cc6e
-
SHA1
cdc90d1742b1a25487c2d3628103f80cfbc1a284
-
SHA256
2fe16173326ea26ff89df46c061afea8b7bad2b540e8db5bd578f44f85e6933d
-
SHA512
57885b1e08371fbe1e51e1f614f059437083219fac87c8f1c3c52c911ea205c6a6d09bfb7cc16da247023e2cfb8c4ed5f4f97fd1f3da5d04bd277d305a5a6483
-
SSDEEP
98304:rfylCoe3XL+0a4Lyx+9QKiuFWJ6pCsbM23XsDM:DWCoe3Ze+t5FWJ6pZbMyc
Score: 7/10
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.