Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Behavioral task
behavioral1
Sample
57ab710f4f52fb571cd0e1e9c2478c38717fe95fcc9f7c5ba2f3a796fc339b62.exe
Resource
win7-20241010-en
General
-
Target
57ab710f4f52fb571cd0e1e9c2478c38717fe95fcc9f7c5ba2f3a796fc339b62.zip
-
Size
91KB
-
MD5
e34225705c5d6c48849f2aedecfcae61
-
SHA1
258634ab1e5a5ede357324a762200a1ad0be69e4
-
SHA256
9c74e1c18c2f7056010933362bc035923469d71016c8babbaaa5d2eae626836f
-
SHA512
9e1badaf8e58b8c6b046658be91f2783d0bea6f144e0cb0496af932999287794ad9834673a178ad3b694d0782161bfb36139d0f34a8f6a41c57a5397a3588ceb
-
SSDEEP
1536:BHkY1AOTBOVz5FOl/KnGjE4mCqzVFZjee4TMiNpn7l+O2iXJ9jBX7aGbXh8J:BHz6gBOhPeSfjefVr7l+hU7Fh8J
Malware Config
Signatures
-
resource yara_rule static1/unpack001/57ab710f4f52fb571cd0e1e9c2478c38717fe95fcc9f7c5ba2f3a796fc339b62.exe upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/57ab710f4f52fb571cd0e1e9c2478c38717fe95fcc9f7c5ba2f3a796fc339b62.exe
Files
-
57ab710f4f52fb571cd0e1e9c2478c38717fe95fcc9f7c5ba2f3a796fc339b62.zip.zip
Password: infected
-
57ab710f4f52fb571cd0e1e9c2478c38717fe95fcc9f7c5ba2f3a796fc339b62.exe.exe windows:4 windows x86 arch:x86
94499ec57ca7f8a108e513ffe23240eb
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
MethCallEngine
ord553
ord667
ord595
ord598
ord631
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord534
ProcCallEngine
ord100
ord610
ord655
Sections
UPX0 Size: 208KB - Virtual size: 208KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 108KB - Virtual size: 108KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 72KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE