General
Target: 2024-06-30_394eac0ab294e436db534f76799657a4_floxif_icedid
Size: 23.3MB
Sample: 240630-a5la2a1bke
MD5: 394eac0ab294e436db534f76799657a4
SHA1: fab9ae420e6dc8c46edd97e1688d489bf244cce0
SHA256: 9db1bc350b6699a3b8a0f9cb41727528e3fb3a24c7ad50cd14ede1e359845ebc
SHA512: 5798cc90248158042477fa743ca84c23ba26e80bd3f88e4c3fae2c73e45593270c69e4d702a44b8bcd54c3c517dde5acdf141d822f180bf2f33bb693f1e9f0fb
SSDEEP: 393216:XVA825yeORrAZMTxp20AaZQ8coY5ShvEPO6vBgKwCGAfXLZ:X68HeABf21am8JY5WvEPOIgF6Z
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-06-30_394eac0ab294e436db534f76799657a4_floxif_icedid.exe
  Resource: win7-20240220-en
Behavioral task: behavioral2
  Sample: 2024-06-30_394eac0ab294e436db534f76799657a4_floxif_icedid.exe
  Resource: win10v2004-20240611-en
Malware Config
Targets
Target: 2024-06-30_394eac0ab294e436db534f76799657a4_floxif_icedid
Size: 23.3MB
Score: 9/10
Signatures
- Detects Windows executables referencing non-Windows User-Agents
- UPX dump on OEP (original entry point)
- Event Triggered Execution: AppInit DLLs. Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
- ACProtect 1.3x - 1.4x DLL software. Detects a file using ACProtect software.
- Loads dropped DLL
- Enumerates connected drives. Attempts to read the root path of hard drives other than the default C: drive.