Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
xworm.exe
-
Size
227KB
-
Sample
240820-s3ygpazeja
-
MD5
f25ef9e7998ae6d7db70c919b1d9636b
-
SHA1
572146d53d0d7b3c912bc6a24f458d67b77a53fe
-
SHA256
7face24db4aa43220ebc4d3afb6c739307f8b653c686b829fb1cb6091695c113
-
SHA512
d8682cdb5876f9ffe6aa8856d5ffa8c168afd25fc927781d80d129491fa04aabf045f01d13ffb51e3db9773367cc00fce466e1ef7af11bfc3d7af13df06cc17c
-
SSDEEP
6144:YdAfHWAy5hne6jlVg1jCYRCuAOm6Tw8ym:Yqf7y5he6DkQutw8ym
Static task
static1
Behavioral task
behavioral1
Sample
xworm.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
xworm.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
xworm.exe
-
Size
227KB
-
MD5
f25ef9e7998ae6d7db70c919b1d9636b
-
SHA1
572146d53d0d7b3c912bc6a24f458d67b77a53fe
-
SHA256
7face24db4aa43220ebc4d3afb6c739307f8b653c686b829fb1cb6091695c113
-
SHA512
d8682cdb5876f9ffe6aa8856d5ffa8c168afd25fc927781d80d129491fa04aabf045f01d13ffb51e3db9773367cc00fce466e1ef7af11bfc3d7af13df06cc17c
-
SSDEEP
6144:YdAfHWAy5hne6jlVg1jCYRCuAOm6Tw8ym:Yqf7y5he6DkQutw8ym
Score8/10-
Blocklisted process makes network request
-
Obfuscated Files or Information: Command Obfuscation
Adversaries may obfuscate content during command execution to impede detection.
-
Suspicious use of SetThreadContext
-