Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    caf5c3d52dbfec2c3b5030d75719c800N.exe

  • Size

    924KB

  • Sample

    240907-ldw41awhkm

  • MD5

    caf5c3d52dbfec2c3b5030d75719c800

  • SHA1

    2dbf7691fde034a6d24c81bad45bbe6c0fbf4453

  • SHA256

    e22f8bc9ff2568779a9282c4acc677bce79a563cffa24a3749bc3a236a579491

  • SHA512

    55a1955ce524e38cea6bfa3c5a0b09060e9a155eb19aaea79937b1561e0adea6d058fe7b232d0969f13f400140312eecb69545792663fb1c972077522be393a6

  • SSDEEP

    12288:6aWzgMg7v3qnCiMErQohh0F4CCJ8lny/QLv4jm558UaXQPR:1aHMv6Corjqny/QLwjQ8tAPR

Malware Config

Targets

    • Target

      caf5c3d52dbfec2c3b5030d75719c800N.exe

    • Size

      924KB

    • MD5

      caf5c3d52dbfec2c3b5030d75719c800

    • SHA1

      2dbf7691fde034a6d24c81bad45bbe6c0fbf4453

    • SHA256

      e22f8bc9ff2568779a9282c4acc677bce79a563cffa24a3749bc3a236a579491

    • SHA512

      55a1955ce524e38cea6bfa3c5a0b09060e9a155eb19aaea79937b1561e0adea6d058fe7b232d0969f13f400140312eecb69545792663fb1c972077522be393a6

    • SSDEEP

      12288:6aWzgMg7v3qnCiMErQohh0F4CCJ8lny/QLv4jm558UaXQPR:1aHMv6Corjqny/QLwjQ8tAPR

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks