Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

8f6e757106...0N.exe

windows7-x64

10

8f6e757106...0N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8f6e757106245919f7bc47fa785f68c0N.exe

  • Size

    3.1MB

  • Sample

    240802-mha8rsverl

  • MD5

    8f6e757106245919f7bc47fa785f68c0

  • SHA1

    1fd355106542f11a551969a28950a671a4d83c3a

  • SHA256

    4803ac7f53b5d80b2ec89582c4d9b1bb4795e798d33335046ed4a3cf26a8b6ab

  • SHA512

    e8bdda76882673d07314ae485d683dec02b9d748696d464a94d56b296e858d63fcde43db048cd4c00e8d7266371c5717c2c8dfc620fec6c4a8e8bb7fe36c5fc0

  • SSDEEP

    98304:S1ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrWG:SbBeSFk6

Score
10/10
xmrigexecutionminerupx

Malware Config

Targets

    • Target

      8f6e757106245919f7bc47fa785f68c0N.exe

    • Size

      3.1MB

    • MD5

      8f6e757106245919f7bc47fa785f68c0

    • SHA1

      1fd355106542f11a551969a28950a671a4d83c3a

    • SHA256

      4803ac7f53b5d80b2ec89582c4d9b1bb4795e798d33335046ed4a3cf26a8b6ab

    • SHA512

      e8bdda76882673d07314ae485d683dec02b9d748696d464a94d56b296e858d63fcde43db048cd4c00e8d7266371c5717c2c8dfc620fec6c4a8e8bb7fe36c5fc0

    • SSDEEP

      98304:S1ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrWG:SbBeSFk6

    Score
    10/10
    xmrigexecutionminerupx

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      Powershell Invoke Web Request.

      execution

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks