Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Behavioral task
behavioral1
Sample
ad902196f9ad4de624ed41179f96f4f3f9c887056f4d2ba392f08bf97c5223c9.exe
Resource
win7-20240903-en
General
-
Target
ad902196f9ad4de624ed41179f96f4f3f9c887056f4d2ba392f08bf97c5223c9
-
Size
426KB
-
MD5
38512d5ca9eaf683d271bfdb4fd6c978
-
SHA1
aabbf72099eca127f305dc12fcce4daff267357b
-
SHA256
ad902196f9ad4de624ed41179f96f4f3f9c887056f4d2ba392f08bf97c5223c9
-
SHA512
2d884c93f170ae51a213cd58a2c86f5fa076672d0f3ef4c0f700aac2fe356242b537567a9bf6c4db8b5cd522d62918b949a6f276dfc53540b470e32a75ed905d
-
SSDEEP
6144:KbEJIjNDv0bNXkbvL+EJIjNDv0bNXkbvLrIjNDv0bNXkbvLu:rIZGNXkbvLbIZGNXkbvLrIZGNXkbvLu
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ad902196f9ad4de624ed41179f96f4f3f9c887056f4d2ba392f08bf97c5223c9
Files
-
ad902196f9ad4de624ed41179f96f4f3f9c887056f4d2ba392f08bf97c5223c9.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: 21KB - Virtual size: 24KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.imports Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE