General
-
Target
303359be5a96f2404af7e635640b257d.exe
-
Size
138KB
-
Sample
220921-gx614ababn
-
MD5
303359be5a96f2404af7e635640b257d
-
SHA1
eed5a46a5605103022aee765c65b0edae9d33ebf
-
SHA256
0670da9632a6639007d68c910a1bfdcca8ab9157324a65ce45bda3136f365a3c
-
SHA512
526f035c53e3d5c6289f08dae106e8c955e83d1503a4bfd906e3f6997ee45f10cc942b55850e214036fbd560a568a3b4580eed4ad7d80977d2daa0e4681a00fc
-
SSDEEP
3072:rw7s+ebZ7usUCAco7ILE0+50u+kKVzdCf/z8:rn+ebTUCAco7IZLYCZI/
Static task
static1
Behavioral task
behavioral1
Sample
303359be5a96f2404af7e635640b257d.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
303359be5a96f2404af7e635640b257d.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
303359be5a96f2404af7e635640b257d.exe
Score
8/10
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Drops file in System32 directory
-