Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

c0ba6cd3de...5e.exe

windows7-x64

10

c0ba6cd3de...5e.exe

windows10-2004-x64

10

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Overharden...ly.com

windows7-x64

Overharden...ly.com

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c0ba6cd3dec5b284f3defa9ef37453107e44f5b5a153728dd536fd6b7ff0b95e.exe

  • Size

    926KB

  • Sample

    250327-fwxwcszlz4

  • MD5

    5469e8035530eb2c2552b568c88c2b24

  • SHA1

    17ef49811c0c065e6bcdec4a000464659efe6991

  • SHA256

    c0ba6cd3dec5b284f3defa9ef37453107e44f5b5a153728dd536fd6b7ff0b95e

  • SHA512

    2940d72fa0678674350211c2ab77bb2e5a778f055ab6ccf0298bb239017e4a25b5486ab6de3f7c0985b2bb46921cdda104205270da819aa787e6cf723a158fe6

  • SSDEEP

    24576:tOZlAUxWG1+ne0/bIpTeubmMLA+5wOnOMyQa:HUPse0/0wuzZ5xOMyQa

Score
10/10
guloaderdiscoverydownloader

Malware Config

Targets

    • Target

      c0ba6cd3dec5b284f3defa9ef37453107e44f5b5a153728dd536fd6b7ff0b95e.exe

    • Size

      926KB

    • MD5

      5469e8035530eb2c2552b568c88c2b24

    • SHA1

      17ef49811c0c065e6bcdec4a000464659efe6991

    • SHA256

      c0ba6cd3dec5b284f3defa9ef37453107e44f5b5a153728dd536fd6b7ff0b95e

    • SHA512

      2940d72fa0678674350211c2ab77bb2e5a778f055ab6ccf0298bb239017e4a25b5486ab6de3f7c0985b2bb46921cdda104205270da819aa787e6cf723a158fe6

    • SSDEEP

      24576:tOZlAUxWG1+ne0/bIpTeubmMLA+5wOnOMyQa:HUPse0/0wuzZ5xOMyQa

    Score
    10/10
    guloaderdiscoverydownloader

    • Guloader family

      guloader

    • Guloader,Cloudeye

      A shellcode based downloader first seen in 2020.

      downloaderguloader

    • Loads dropped DLL

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      b0c77267f13b2f87c084fd86ef51ccfc

    • SHA1

      f7543f9e9b4f04386dfbf33c38cbed1bf205afb3

    • SHA256

      a0cac4cf4852895619bc7743ebeb89f9e4927ccdb9e66b1bcd92a4136d0f9c77

    • SHA512

      f2b57a2eea00f52a3c7080f4b5f2bb85a7a9b9f16d12da8f8ff673824556c62a0f742b72be0fd82a2612a4b6dbd7e0fdc27065212da703c2f7e28d199696f66e

    • SSDEEP

      192:4PtkiQJr7jHYT87RfwXQ6YSYtOuVDi7IsFW14Ll8CO:H78TQIgGCDp14LGC

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      Overharden/undeterrably.com

    • Size

      96KB

    • MD5

      91dbee51395b487294ec9886b39744ba

    • SHA1

      eb91e66bff97d5e09b002b9578479fb24ed037d2

    • SHA256

      3b4e59c5a2011f0b694961789c8c2e2d3f79f038be98fd95b0484de64ebed0fb

    • SHA512

      150bb6562bb138993ebc17634e6c2cf5f4b51741afca352d9c5c9512d05a86b6caf27ad3618b72b73d6da2f99da36d0f9e98d48e45686974f135d8abe2a72c68

    • SSDEEP

      768:Q1qTrU5ywyyu8VgeHQHl5GAO9xWPstB2Nj9xX9/jjd0N2MKIRMk2/M:Q4Ta5u8Vw7O9xWPsDsPXlTMb

    Score
    1/10
    behavioral5behavioral6

MITRE ATT&CK Enterprise v15

Tasks