General
Target: 756754e7ace930c02cc8880a6525e602d62dad11d41842571489020b462ed505
Size: 1.6MB
Sample: 240913-xqvx9atamn
MD5: 7681c643ce0c73024b6a5fdb47112d77
SHA1: 4bab80129e0f7d52764bd592a67181082039b51c
SHA256: 756754e7ace930c02cc8880a6525e602d62dad11d41842571489020b462ed505
SHA512: 648e49e375da1418de80b68664d9704cabe0312c74ccf6036e270450d9ea88f45cf333df6334db827864b06f185e116ba15fa0089e823b2eb1dafb23a2cbd6e3
SSDEEP: 24576:gKNU4q+UL4u9s43HfdNip488Gx6OsgoBOaKAQYwyeyREeHhfe6zJFFH9:vU4q+ULL1Ng4vGxqBOXH6+eHNeOFl9
Static task: static1
Behavioral task: behavioral1
Sample: RFQ 1287668565645647645647674456475467567657465476.scr
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: RFQ 1287668565645647645647674456475467567657465476.scr
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: RFQ 1287668565645647645647674456475467567657465476.scr
Size: 1.6MB
MD5: 25627c53238e2289a29f0c7d5d0553c5
SHA1: 94d9ca78e77d31f5ccd514e2b58a5af31dfe67e7
SHA256: 54a791a6660fd49d6e2378527b448fc71708360b46c9928fe6c53cb2d03f7791
SHA512: 33b03efa11f5a758047842f5957d920c5a431ab0693c43c437c19aba1da829da12c94dfa2b9241c3851ef36ae3ba85757a18e55833a1ce3b3a363a647fa220e1
SSDEEP: 24576:w9PT36SNwoOjFhirCf/KyJJqKBDEytmAYCOO5Jg8pQyk5qSGEl65OYaBNvyg:U+SNqTiO3h35TAYJg8GySNwg
Score: 10/10
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Loads dropped DLL
- Accesses Microsoft Outlook profiles
- Adds Run key to start application
- Suspicious use of SetThreadContext