General
Target: 8c5385fccd9d705cca3f3e85227db53c67cfe19ae5460b4335bcf39a32c9ff07
Size: 714KB
Sample: 221001-2e5ersabf8
MD5: 6d83d702fad47bf24a04c4b3e2c9d930
SHA1: e706a46e3bbb821e8f4aec1f3e488be1504b855b
SHA256: 8c5385fccd9d705cca3f3e85227db53c67cfe19ae5460b4335bcf39a32c9ff07
SHA512: 62cda9516333dfe92d4099f2cc25d8e434ac23abc28dbd522695b200a4a1545473a6a419bd9ac8fadb54283980a82f37d1faa2ab32df92a9d10e74750c58499d
SSDEEP: 12288:mSuYrHkpL3KyptgMzPez1OkvHj3CfL0PzGJRZLB3LE:X1kpL3KyAWPez1fD3mLIzGvZt3LE
Static task: static1
Behavioral task: behavioral1
Sample: 8c5385fccd9d705cca3f3e85227db53c67cfe19ae5460b4335bcf39a32c9ff07.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 8c5385fccd9d705cca3f3e85227db53c67cfe19ae5460b4335bcf39a32c9ff07.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted
C:\Program Files (x86)\Microsoft Office\CLIPART\PUB60COR\!Decrypt-All-Files-wmajicl.txt
http://43qzvceo6ondd6wt.onion.cab
http://43qzvceo6ondd6wt.tor2web.org
http://43qzvceo6ondd6wt.onion/
Targets
Target: 8c5385fccd9d705cca3f3e85227db53c67cfe19ae5460b4335bcf39a32c9ff07
Score: 10/10
Executes dropped EXE
Suspicious use of SetThreadContext