General
Target: VM Shared Drive.rar
Size: 80KB
Sample: 240925-b3pq4szfqd
MD5: a304dede8789c4a3e9c31e1409d3cdd5
SHA1: f72b4e9b97a552a8570c33ba479230106a287a70
SHA256: 913225018c45e28cfe78b8d4c746eb3384df2c471d6ff279efee8509d8ce7cee
SHA512: d685dbf242f3604895d0852f5104f2b045faebf39d64822586e5653fe7510697a5e497e77e7c04e4e327b5fa6e707fbe1e50456fc87e1d6876b6678b022fe80d
SSDEEP: 1536:h26CnBMp7GkQYNv1A1NwbBdpbgAvwyH2CXmvUiVNinWstDIdoR473LfmLbDIm4lz:5Cs7GjYbdHYPCWnXsRI+47j+bDImv66U
Static task: static1

Behavioral task: behavioral1
Sample: Testty.exe
Resource: win7-20240903-en

Behavioral task: behavioral2
Sample: Testty.exe
Resource: win10v2004-20240802-en

Behavioral task: behavioral3
Sample: onibye-1.7.2.exe
Resource: win7-20240903-en

Behavioral task: behavioral4
Sample: onibye-1.7.2.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: Testty.exe
Size: 7KB
MD5: f461b16f3088d11ec23ec4bdbc51b81d
SHA1: 7a3ead3ae6e0584bc95089abef184ff9a435992d
SHA256: b3992696f795ac58deea6f7037629a05821627f9d427f0cf03d816b44f653d20
SHA512: 7f653256ef7a4d06f78cb84e43e5e79d7f66a37158cb1b8dbfadde2b68e1ac8a68e23b08f0d24a32a3c2812ee16bd055fdbcffb0ec027ffbfd2ddae870181c52
SSDEEP: 96:JjHiN0Phm/Q18u39y7C+B+i+Pyqe6CY1EBVE2fKvzNt:Jj5hmy3kC+Bv8yqe6DwVE2y5
Score: 6/10
Legitimate hosting services abused for malware hosting/C2

Target: onibye-1.7.2.exe
Size: 248KB
MD5: 8d31aa8f14a9cc51fd4c75cdd4f49c9f
SHA1: 195582375e498afbd5be9230666a2fb4ce54d47b
SHA256: cd618c86273a76fb918299934424b52019e36e15631b3fcc33bdb2c95e770f1f
SHA512: 6fc7477943fa60bdd53f4ecdc421d25e149e05a544c8fb3596d0342a94e59e0407b1b8fd709ae90134989be2b8b9b80e726b662ecaa646a6fb9bab2cf9c53bf2
SSDEEP: 6144:hPp6X3u1/jnL5TXLcZB2/6RKqEvLeu1/Fb1o:JL5T7cZB2/6RDi1o
Score: 10/10
Suspicious use of NtCreateUserProcessOtherParentProcess