General

  • Target

    modified OC shipment 211014093.rar

  • Size

    1.6MB

  • Sample

    240919-glt76atenf

  • MD5

    eacb8e7717b6d2ec052d515153b55537

  • SHA1

    649af51682c8ec04551037cc5c1d6c080c2cb21f

  • SHA256

    2cbf42842fdda3cbf6587cc6f805c688a2a2a38206fab1e39969fbb101b922b0

  • SHA512

    04c9318d91c01541b0122cb0f5fdeca59ecb6e5c303289f306ccecc7cffa598dfbfe79797e5bf58b2a61d177523f64df384d96a388d154b6284b05cd453f5b44

  • SSDEEP

    49152:ry0vWMq29k/iriBmTM/+E/CRHci5eiPSgRu:VzciI/nccWPSgw

Score
10/10

Targets

    • Target

      modified OC shipment 211014093.rar

    • Size

      1.6MB

    • MD5

      eacb8e7717b6d2ec052d515153b55537

    • SHA1

      649af51682c8ec04551037cc5c1d6c080c2cb21f

    • SHA256

      2cbf42842fdda3cbf6587cc6f805c688a2a2a38206fab1e39969fbb101b922b0

    • SHA512

      04c9318d91c01541b0122cb0f5fdeca59ecb6e5c303289f306ccecc7cffa598dfbfe79797e5bf58b2a61d177523f64df384d96a388d154b6284b05cd453f5b44

    • SSDEEP

      49152:ry0vWMq29k/iriBmTM/+E/CRHci5eiPSgRu:VzciI/nccWPSgw

    Score
    3/10

    • Target

      modified OC shipment 211014093.img

    • Size

      1.8MB

    • MD5

      0a76b0c76a800d0aa07fb9e2a3da1848

    • SHA1

      3b54b65615b48f80225a6a6c86e81651da900516

    • SHA256

      e8b2446eed004bc8d74712c80a4ca2982781bf3605368f8da73aeca2814f2366

    • SHA512

      d08ba7a974d21296631165749ecb36bc7148da5da85dd10691dee9642ccf48f131dff68941f8988283f690603602d2fcdf2a48665de7359b4b4f4ba6a027151a

    • SSDEEP

      49152:ofd0Na41q6kAWMXg5Kt2U8yO7W1ueBRDqh:q0KqLXuKURWu0Dq

    Score
    3/10

    • Target

      modified OC shipment 211014093.exe

    • Size

      1.7MB

    • MD5

      c7b0d2cf8de84628d2f35ce5b1ce7235

    • SHA1

      9ac35351c3d5a33d37d16beaa1b3c05d8d2cb6f0

    • SHA256

      a1a217cddc25003f90053c9a94469cb43ebdebab8caf338d3c95fdc5f4102802

    • SHA512

      394c35bc64387301a63bed37ad0d126e6cf4da748102c186eac324667a353f6ec590e8f70746ffaa93ba8a7b831a9ac3e3d5729b2ab0922bff1f13f0235bb03d

    • SSDEEP

      49152:bfd0Na41q6kAWMXg5Kt2U8yO7W1ueBRDqh:h0KqLXuKURWu0Dq

    Score
    10/10

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
