Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

5

RFQ0046224...g1.exe

windows7-x64

10

RFQ0046224...g1.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    RFQ0046224635List2.Drawingimg1.exe

  • Size

    948KB

  • Sample

    250328-myc3asvvfz

  • MD5

    52dba7fd749749bc6e2735cae904a26c

  • SHA1

    f878524a0e8ad8ee94a1a70c81b75415435e5fdd

  • SHA256

    267bdd0b21f44ccf8662c2e36e381dfb2aae3c8019a9d6099689fc9f49a90a56

  • SHA512

    79ff7fd14ba7a6006856a3974f74ce39645eade87647b89c5dc35dc7b69035c19fa127a332da2085c5b0107d3a067f73a575df9054f6051c784fe5bbc618943f

  • SSDEEP

    24576:Ru6J33O0c+JY5UZ+XC0kGso6Fas3d18WY:Du0c++OCvkGs9FasrY

Score
10/10
collectiondefense_evasiondiscoveryevasiontrojan

Malware Config

Targets

    • Target

      RFQ0046224635List2.Drawingimg1.exe

    • Size

      948KB

    • MD5

      52dba7fd749749bc6e2735cae904a26c

    • SHA1

      f878524a0e8ad8ee94a1a70c81b75415435e5fdd

    • SHA256

      267bdd0b21f44ccf8662c2e36e381dfb2aae3c8019a9d6099689fc9f49a90a56

    • SHA512

      79ff7fd14ba7a6006856a3974f74ce39645eade87647b89c5dc35dc7b69035c19fa127a332da2085c5b0107d3a067f73a575df9054f6051c784fe5bbc618943f

    • SSDEEP

      24576:Ru6J33O0c+JY5UZ+XC0kGso6Fas3d18WY:Du0c++OCvkGs9FasrY

    Score
    10/10
    collectiondefense_evasiondiscoveryevasiontrojan

    • Modifies Windows Defender DisableAntiSpyware settings

      evasiontrojan

    • Disables Task Manager via registry modification

      defense_evasion

    • Accesses Microsoft Outlook profiles

      collection

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks