General

  • Target

    0b712c4656bb538c25f81cdca735d0b90570af198f05b1de06c91702984ad23e

  • Size

    714KB

  • Sample

    240823-czz84stbml

  • MD5

    71a61d8661763822313d618d61364160

  • SHA1

    078a1be81f9624b9950a0c78a1fa8916be153d40

  • SHA256

    0b712c4656bb538c25f81cdca735d0b90570af198f05b1de06c91702984ad23e

  • SHA512

    7287845f3b3b6d7cb9ff9b3a0aa6da5de78070fde0d151ac47f51d98362e57034e500789280986140dd94a320380765611cf7f54f2511da48cea0505820ea00e

  • SSDEEP

    12288:OSac9e5D+bBnKf4poVrVhc0JNcEj8LZzoIBrPlcdqzhvKrN6TCvKgkzIjbRrW37a:4a4+l2Jxj8OIBblcdq4agTREUu/wM2

Score
7/10

Malware Config

Targets

    • Target

      New order QE-2403KBR4.exe

    • Size

      740KB

    • MD5

      8379ff838164b21dbd287611dae13ecb

    • SHA1

      d19e11692605f70504de8ab04a992627985facea

    • SHA256

      3666991ba9b1b0ab338f41c37c0bfe3a8ae0fbfbde9820679a76362a610a0b23

    • SHA512

      a4a2db5afd04a7f657520d2b84f19627a3381db5996803283868020dab1f89b56b3367585b10b2762ef57d8581fff0c36b989d5e00a63e7282813ee04d0e2b77

    • SSDEEP

      12288:osHzOUNUSB/o5LsI1uwajJ5yvv1l2/BXyZPlcd2zhRKzdWTWTKgYzajbRtML7RQH:7iUmSB/o5d1ubcvKC5lcd2WUg3RquUjs

    Score
    7/10
    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Suspicious use of SetThreadContext
