General
-
Target
7821d35c1866a3ecd43b15d6a171fd9f11d70907105cc27f6b7f0760ca86bccd.exe
-
Size
738KB
-
Sample
241018-cff15azeqf
-
MD5
884358a9e9da158f576b7b7e42521d70
-
SHA1
a9d488b27fc2d65df89c1049c9cdf380e37e435f
-
SHA256
7821d35c1866a3ecd43b15d6a171fd9f11d70907105cc27f6b7f0760ca86bccd
-
SHA512
630c905e255424dc8e54a8b945aaa5673e6ff25fe4e2f9713b73a3f5a622ff8f5d33bfc06ccecd85e5017bac27e31007c878acba32af509000a6c51fdaea0216
-
SSDEEP
12288:javPpBdFOdWbKSYQNGHkROyGOs61IYZVAecgs9FMa1Mdq8jJN:javzLDK+NjDGMIYO7MoON
Static task
static1
Behavioral task
behavioral1
Sample
7821d35c1866a3ecd43b15d6a171fd9f11d70907105cc27f6b7f0760ca86bccd.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
7821d35c1866a3ecd43b15d6a171fd9f11d70907105cc27f6b7f0760ca86bccd.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
Variabelforklaringen.ps1
Resource
win7-20241010-en
Behavioral task
behavioral4
Sample
Variabelforklaringen.ps1
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
7821d35c1866a3ecd43b15d6a171fd9f11d70907105cc27f6b7f0760ca86bccd.exe
-
Blocklisted process makes network request
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of NtCreateThreadExHideFromDebugger
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
-
-
Target
Variabelforklaringen.Adi
-
Size
51KB
-
MD5
b38fc73651b54a201ea1815e9fbdb7e1
-
SHA1
11dcb7973511a7f58eacd0c6b519d4c57b843ece
-
SHA256
3cd2de55689d75d77cd308184060364fcf48b990e025e918233e528a3373a27b
-
SHA512
0e6055ab2c490f2c67184e3dea070f6b0d9cd0e557e1c51d792da53c4674d844d8d5c9a5dd036261437db2bb7b8b8e0425168ac143da01b2b1ce116540989b1d
-
SSDEEP
1536:wzAstLJaBT7rCnMxEVnq50oJbvVWezp1PQwQ66FkvKbzd:wcsOTgYEVqnYc/Pw7zd
Score
8/10
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-