Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

7668f27b79...0N.exe

windows7-x64

10

7668f27b79...0N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7668f27b796eb41c245cdf2b91c317c0N.exe

  • Size

    2.0MB

  • Sample

    240805-ljkm6asdmk

  • MD5

    7668f27b796eb41c245cdf2b91c317c0

  • SHA1

    3d34de99146f53d949afe524014742af45f7e6dc

  • SHA256

    8f36cb30c604cdbb70db2681ef0f845c08389cb563fc7f33471866d983e7baa6

  • SHA512

    bdfc5cf86e0830547ebe2cff933fd634fe0d920db2ff5b544bb58776a08c93a76cbb2e4070bf26cfe99e0dfe07bb612207516d4623ef756af209f211c8dc6bc5

  • SSDEEP

    49152:Lz071uv4BPMkibTIA5sf6r+WVc2HhG82g1Vqxz/:NABH

Score
10/10
xmrigexecutionminerupx

Malware Config

Targets

    • Target

      7668f27b796eb41c245cdf2b91c317c0N.exe

    • Size

      2.0MB

    • MD5

      7668f27b796eb41c245cdf2b91c317c0

    • SHA1

      3d34de99146f53d949afe524014742af45f7e6dc

    • SHA256

      8f36cb30c604cdbb70db2681ef0f845c08389cb563fc7f33471866d983e7baa6

    • SHA512

      bdfc5cf86e0830547ebe2cff933fd634fe0d920db2ff5b544bb58776a08c93a76cbb2e4070bf26cfe99e0dfe07bb612207516d4623ef756af209f211c8dc6bc5

    • SSDEEP

      49152:Lz071uv4BPMkibTIA5sf6r+WVc2HhG82g1Vqxz/:NABH

    Score
    10/10
    xmrigexecutionminerupx

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      Powershell Invoke Web Request.

      execution

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks