General
Target: DeadSecRootKit.exe
Size: 151KB
Sample: 240709-12yp3azhnf
MD5: b8479a23c22cf6fc456e197939284069
SHA1: b2d98cc291f16192a46f363d007e012d45c63300
SHA256: 18294ee5a6383a48d1bcf2703f17d815529df3a17580e027c3efea1800900e8f
SHA512: 786cd468ce3723516dc869b09e008ec5d35d1f0c1a61e70083a3be15180866be637bd7d8665c2f0218c56875a0ee597c277e088f77dd403bdd2182d06bad3bd4
SSDEEP: 3072:9QpsyzjtpfkzW/7F/ix/ApwXnDLn10FbxYSC/B9KIZb29b/HvX:9QpsyzjtpfOW/7FO/AKL10FbmlBoIYRn
Static task: static1
Behavioral task: behavioral1
Sample: DeadSecRootKit.exe
Resource: win10-20240404-en
Malware Config
Targets
Target: DeadSecRootKit.exe
Score: 10/10
Suspicious use of NtCreateUserProcessOtherParentProcess
Drops file in System32 directory
Suspicious use of SetThreadContext