Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Behavioral task
behavioral1
Sample
e21c633a95f167805fda0aee6ed488a30dbc1b625e7b510af7681e3813c9ad69.exe
Resource
win7-20240903-en
General
-
Target
e21c633a95f167805fda0aee6ed488a30dbc1b625e7b510af7681e3813c9ad69.exe
-
Size
1.8MB
-
MD5
3bb69aa068d6c7745d2e5e45ffc76e5c
-
SHA1
a46f36539f37af9fb0b850349e71ae7760760b80
-
SHA256
e21c633a95f167805fda0aee6ed488a30dbc1b625e7b510af7681e3813c9ad69
-
SHA512
4d037909e0af976cbc21b031099b134e2d1b9ee7515836dfcbbf95271754fa101d8de026377eb4c9314c46e1ab72658d93f88ba870ca9799bfefe10312d06d7b
-
SSDEEP
49152:YXsY+0JDQt/YK1Mj0eITzTR9K8099+h9vNe2h/KF:YZ+SDQJYKSjsTfR9Z0f09vNHhCF
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e21c633a95f167805fda0aee6ed488a30dbc1b625e7b510af7681e3813c9ad69.exe
Files
-
e21c633a95f167805fda0aee6ed488a30dbc1b625e7b510af7681e3813c9ad69.exe.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 4.9MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reltc Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE