Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Behavioral task
behavioral1
Sample
df56f0c9d0007f5125d92cfd481e21760d41eb10a92009ce1ab6d5da01140687.exe
Resource
win7-20240708-en
General
-
Target
df56f0c9d0007f5125d92cfd481e21760d41eb10a92009ce1ab6d5da01140687
-
Size
576KB
-
MD5
6385129ecaf875fa5b4a1d0b2a4a4a34
-
SHA1
bc93685b3334d8a007344e7e330dd6550322febd
-
SHA256
df56f0c9d0007f5125d92cfd481e21760d41eb10a92009ce1ab6d5da01140687
-
SHA512
dab9ffd159b7413630302ae050d5a50b4340075a1d34e005d86373a42b60e09c2ba63197e8d4c1d824b8ccad2a29b41b72e3c30e337918aa0c2fe610f4e609f3
-
SSDEEP
12288:+NWPkHlUkErBuxQ4uzi6d6dL/yiXLzeMdK6io8levy0FhVlpzkzDDoS5:+NWPkHlUfBgpuPdWzyuDTifgyWlw
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource df56f0c9d0007f5125d92cfd481e21760d41eb10a92009ce1ab6d5da01140687
Files
-
df56f0c9d0007f5125d92cfd481e21760d41eb10a92009ce1ab6d5da01140687.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 3.2MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 572KB - Virtual size: 572KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE