Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

7a56b9a7be...8b.exe

windows7-x64

10

7a56b9a7be...8b.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7a56b9a7be5d627a61b4fcd3716b73aefa76ecbe38c8edc5c11b47dedb3b888b.exe

  • Size

    6.7MB

  • MD5

    818c5a007a2075f7c56eb69b75d12acb

  • SHA1

    2f33d50e879a18ff744424855d6356bae8f2d5d9

  • SHA256

    79712e68d88a6d2d87555f24f9dc767868289ce0e70000c14e3e72df1b4a58f9

  • SHA512

    f15717749deac968f48ac8c5df01368735658eca535efa19c1b5c2bcb3a1b1f065baa05b609b6526c384a6800b78adccfc8249aab8e7ce411041575303da8ec4

  • SSDEEP

    196608:hwy9GeDVI5DKBWZlkgJedYs6LtYdEhqTgKDSy3n1B:hwykYVI5DK2NNs6LtYdEhSp24B

Score
10/10
agilenetquasar

Malware Config

Extracted

Family

quasar

Attributes
  • reconnect_delay

    3000

Signatures

  • Quasar family
    quasar
  • Quasar payload 1 IoCs
  • Obfuscated with Agile.Net obfuscator 1 IoCs

    Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

    agilenet
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 7a56b9a7be5d627a61b4fcd3716b73aefa76ecbe38c8edc5c11b47dedb3b888b.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections