General
-
Target
modified OC shipment 211014093.rar
-
Size
1.6MB
-
Sample
240919-glt76atenf
-
MD5
eacb8e7717b6d2ec052d515153b55537
-
SHA1
649af51682c8ec04551037cc5c1d6c080c2cb21f
-
SHA256
2cbf42842fdda3cbf6587cc6f805c688a2a2a38206fab1e39969fbb101b922b0
-
SHA512
04c9318d91c01541b0122cb0f5fdeca59ecb6e5c303289f306ccecc7cffa598dfbfe79797e5bf58b2a61d177523f64df384d96a388d154b6284b05cd453f5b44
-
SSDEEP
49152:ry0vWMq29k/iriBmTM/+E/CRHci5eiPSgRu:VzciI/nccWPSgw
Static task: static1
Behavioral task: behavioral1 | Sample: modified OC shipment 211014093.rar | Resource: win7-20240903-en
Behavioral task: behavioral2 | Sample: modified OC shipment 211014093.rar | Resource: win10v2004-20240802-en
Behavioral task: behavioral3 | Sample: modified OC shipment 211014093.iso | Resource: win7-20240708-en
Behavioral task: behavioral4 | Sample: modified OC shipment 211014093.iso | Resource: win10v2004-20240802-en
Behavioral task: behavioral5 | Sample: modified OC shipment 211014093.exe | Resource: win7-20240704-en
Behavioral task: behavioral6 | Sample: modified OC shipment 211014093.exe | Resource: win10v2004-20240802-en
Malware Config
Targets
-
-
Target
modified OC shipment 211014093.rar
-
Size
1.6MB
-
MD5
eacb8e7717b6d2ec052d515153b55537
-
SHA1
649af51682c8ec04551037cc5c1d6c080c2cb21f
-
SHA256
2cbf42842fdda3cbf6587cc6f805c688a2a2a38206fab1e39969fbb101b922b0
-
SHA512
04c9318d91c01541b0122cb0f5fdeca59ecb6e5c303289f306ccecc7cffa598dfbfe79797e5bf58b2a61d177523f64df384d96a388d154b6284b05cd453f5b44
-
SSDEEP
49152:ry0vWMq29k/iriBmTM/+E/CRHci5eiPSgRu:VzciI/nccWPSgw
Score
3/10
-
-
Target
modified OC shipment 211014093.img
-
Size
1.8MB
-
MD5
0a76b0c76a800d0aa07fb9e2a3da1848
-
SHA1
3b54b65615b48f80225a6a6c86e81651da900516
-
SHA256
e8b2446eed004bc8d74712c80a4ca2982781bf3605368f8da73aeca2814f2366
-
SHA512
d08ba7a974d21296631165749ecb36bc7148da5da85dd10691dee9642ccf48f131dff68941f8988283f690603602d2fcdf2a48665de7359b4b4f4ba6a027151a
-
SSDEEP
49152:ofd0Na41q6kAWMXg5Kt2U8yO7W1ueBRDqh:q0KqLXuKURWu0Dq
Score
3/10
-
-
Target
modified OC shipment 211014093.exe
-
Size
1.7MB
-
MD5
c7b0d2cf8de84628d2f35ce5b1ce7235
-
SHA1
9ac35351c3d5a33d37d16beaa1b3c05d8d2cb6f0
-
SHA256
a1a217cddc25003f90053c9a94469cb43ebdebab8caf338d3c95fdc5f4102802
-
SHA512
394c35bc64387301a63bed37ad0d126e6cf4da748102c186eac324667a353f6ec590e8f70746ffaa93ba8a7b831a9ac3e3d5729b2ab0922bff1f13f0235bb03d
-
SSDEEP
49152:bfd0Na41q6kAWMXg5Kt2U8yO7W1ueBRDqh:h0KqLXuKURWu0Dq
Score
10/10
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-