General

  • Target

    VM Shared Drive.rar

  • Size

    80KB

  • Sample

    240925-b3pq4szfqd

  • MD5

    a304dede8789c4a3e9c31e1409d3cdd5

  • SHA1

    f72b4e9b97a552a8570c33ba479230106a287a70

  • SHA256

    913225018c45e28cfe78b8d4c746eb3384df2c471d6ff279efee8509d8ce7cee

  • SHA512

    d685dbf242f3604895d0852f5104f2b045faebf39d64822586e5653fe7510697a5e497e77e7c04e4e327b5fa6e707fbe1e50456fc87e1d6876b6678b022fe80d

  • SSDEEP

    1536:h26CnBMp7GkQYNv1A1NwbBdpbgAvwyH2CXmvUiVNinWstDIdoR473LfmLbDIm4lz:5Cs7GjYbdHYPCWnXsRI+47j+bDImv66U

Score
10/10

Targets

    • Target

      Testty.exe

    • Size

      7KB

    • MD5

      f461b16f3088d11ec23ec4bdbc51b81d

    • SHA1

      7a3ead3ae6e0584bc95089abef184ff9a435992d

    • SHA256

      b3992696f795ac58deea6f7037629a05821627f9d427f0cf03d816b44f653d20

    • SHA512

      7f653256ef7a4d06f78cb84e43e5e79d7f66a37158cb1b8dbfadde2b68e1ac8a68e23b08f0d24a32a3c2812ee16bd055fdbcffb0ec027ffbfd2ddae870181c52

    • SSDEEP

      96:JjHiN0Phm/Q18u39y7C+B+i+Pyqe6CY1EBVE2fKvzNt:Jj5hmy3kC+Bv8yqe6DwVE2y5

    Score
    6/10
    • Legitimate hosting services abused for malware hosting/C2

    • Target

      onibye-1.7.2.exe

    • Size

      248KB

    • MD5

      8d31aa8f14a9cc51fd4c75cdd4f49c9f

    • SHA1

      195582375e498afbd5be9230666a2fb4ce54d47b

    • SHA256

      cd618c86273a76fb918299934424b52019e36e15631b3fcc33bdb2c95e770f1f

    • SHA512

      6fc7477943fa60bdd53f4ecdc421d25e149e05a544c8fb3596d0342a94e59e0407b1b8fd709ae90134989be2b8b9b80e726b662ecaa646a6fb9bab2cf9c53bf2

    • SSDEEP

      6144:hPp6X3u1/jnL5TXLcZB2/6RKqEvLeu1/Fb1o:JL5T7cZB2/6RDi1o

    Score
    10/10
    • Suspicious use of NtCreateUserProcessOtherParentProcess
