Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

RFQ 128766...76.scr

windows7-x64

6

RFQ 128766...76.scr

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    756754e7ace930c02cc8880a6525e602d62dad11d41842571489020b462ed505

  • Size

    1.6MB

  • Sample

    240913-xqvx9atamn

  • MD5

    7681c643ce0c73024b6a5fdb47112d77

  • SHA1

    4bab80129e0f7d52764bd592a67181082039b51c

  • SHA256

    756754e7ace930c02cc8880a6525e602d62dad11d41842571489020b462ed505

  • SHA512

    648e49e375da1418de80b68664d9704cabe0312c74ccf6036e270450d9ea88f45cf333df6334db827864b06f185e116ba15fa0089e823b2eb1dafb23a2cbd6e3

  • SSDEEP

    24576:gKNU4q+UL4u9s43HfdNip488Gx6OsgoBOaKAQYwyeyREeHhfe6zJFFH9:vU4q+ULL1Ng4vGxqBOXH6+eHNeOFl9

Score
10/10
collectiondiscoverypersistence

Malware Config

Targets

    • Target

      RFQ 1287668565645647645647674456475467567657465476.scr

    • Size

      1.6MB

    • MD5

      25627c53238e2289a29f0c7d5d0553c5

    • SHA1

      94d9ca78e77d31f5ccd514e2b58a5af31dfe67e7

    • SHA256

      54a791a6660fd49d6e2378527b448fc71708360b46c9928fe6c53cb2d03f7791

    • SHA512

      33b03efa11f5a758047842f5957d920c5a431ab0693c43c437c19aba1da829da12c94dfa2b9241c3851ef36ae3ba85757a18e55833a1ce3b3a363a647fa220e1

    • SSDEEP

      24576:w9PT36SNwoOjFhirCf/KyJJqKBDEytmAYCOO5Jg8pQyk5qSGEl65OYaBNvyg:U+SNqTiO3h35TAYJg8GySNwg

    Score
    10/10
    discoverypersistencecollection

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Loads dropped DLL

    • Accesses Microsoft Outlook profiles

      collection

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks