Analysis
max time kernel: 17s
max time network: 16s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 04/12/2024, 06:09
Behavioral tasks
behavioral1: sample HotmailChecker/Data/Modules/Checker.exe, resource win7-20240903-en
behavioral2: sample HotmailChecker/Data/Modules/Checker.exe, resource win10v2004-20241007-en
behavioral3: sample HotmailChecker/Data/Modules/Checker1.exe, resource win7-20240903-en
behavioral4: sample HotmailChecker/Data/Modules/Checker1.exe, resource win10v2004-20241007-en
behavioral5: sample HotmailChecker/Hotmail Checker.exe, resource win7-20240903-en
General
Target: HotmailChecker/Data/Modules/Checker.exe
Size: 487KB
MD5: bbf26eaf97edcdc7d55df2c17f33ba64
SHA1: 03fa144cdbf85c5ed783f894f801234836d080e9
SHA256: 3686fdc29551a6f3c5df38017e8fea2efdcac7dac7b91be78c6fdbfcfd48ee4b
SHA512: 67e901df80916c3d8328be210847fbacae67bbb14fd4b2e629aaae200837ede5e7acd605a0054b158944bb1aeb65b4ec861a9882a4ec13260657757393618419
SSDEEP: 6144:TloZM+rIkd8g+EtXHkv/iD4712hAmB5KB/Cwhl0mBib8e1m+BJiBN1C4q1q6NO+h:RoZtL+EP8712hAmB5KB/Cwhl0Zzq9LQ
Malware Config
(none extracted)

Signatures
Detect Umbral payload (1 IoC)
resource: behavioral1/memory/2408-1-0x0000000000CC0000-0x0000000000D40000-memory.dmp; yara_rule: family_umbral

Umbral family

Suspicious use of AdjustPrivilegeToken (1 IoC)
description: Token: SeDebugPrivilege; pid: 2408; Process: Checker.exe