Behavioral task: behavioral1
Sample: 76fc18247970b458964c60ca63cd208f77dd1d43513390c355d3693067197bbd.exe
Resource: win7-20240903-en
General
Target: 76fc18247970b458964c60ca63cd208f77dd1d43513390c355d3693067197bbd.exe
Size: 1.0MB
MD5: 902456c0c50438c690ed9d7cd1a12cbc
SHA1: 72584fdcb942252d7e628dd07340d756c243a562
SHA256: 76fc18247970b458964c60ca63cd208f77dd1d43513390c355d3693067197bbd
SHA512: 9d41a36ae7dc6aafea53c4d9eafa7a7d878a72c91996337fd33b7637324edba73b392894e76f9442e2e35e24414a9f1231945a089c3a33d568de3238d4c1a091
SSDEEP: 12288:LLkcoxg7v3qnC11ErwIhh0F4qwUgUnyjP3xSQG0Qp5EKdKwI8MW9mnfE:/fmMv6Ckr7MnyjP3xSQUp5EKgV8MFfE
Malware Config
Signatures
AutoIT Executable 1 IoCs
AutoIT scripts compiled to PE executables.
resource: sample, yara_rule: autoit_exe
resource: sample, yara_rule: upx
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource: 76fc18247970b458964c60ca63cd208f77dd1d43513390c355d3693067197bbd.exe
Files
76fc18247970b458964c60ca63cd208f77dd1d43513390c355d3693067197bbd.exe.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: 476KB - Virtual size: 476KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 264KB - Virtual size: 264KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 33KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.imports Size: 9KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE