General
-
Target
f4c91d53f51927c942dff396246c4b3b5c64b8bb33f2ceb518e1c9752eeb2060
-
Size
116KB
-
Sample
221001-y6zf2sfdbl
-
MD5
74f6d3a5f2f555c02a872e27d1ab6650
-
SHA1
94b155a9c7e30f7c1c132544520d3c723b57bb9a
-
SHA256
f4c91d53f51927c942dff396246c4b3b5c64b8bb33f2ceb518e1c9752eeb2060
-
SHA512
5251fd06142761afa256a27180ce4fb021fcfcaf5a82d8a067964ca481261c2933f7141a49165980f6815ad33efa713e633007e4ebf6ca81bc956407ed0ac226
-
SSDEEP
3072:mbFcEq/FuXeTBZENUkhevkIM05VCITux15G51R2VE0A9WdDzi0jlp2r:mRcn0eTBZYUs5mCx1452Vmexy
Static task
static1
Behavioral task
behavioral1
Sample
GOLAYA-PHOTO.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
GOLAYA-PHOTO.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
Target
GOLAYA-PHOTO.exe
-
Size
174KB
-
MD5
1ff3421e7ddfa60dcc30d18fac2913a8
-
SHA1
d93499e78895ee7dcfb38be26e7a227cc1d45d71
-
SHA256
d8e50905e0280d0182d1d5eb87407f405448505fcae27353e0e8ff74f9bbf545
-
SHA512
bf068d5e20409f83b32f7b0497fd213f1f26a2bc7c61f1ca2f1b3449449b24427ad3effa842234ce70703912c2d09bdbbd622652167169991460369d38d4c806
-
SSDEEP
3072:ABAp5XhKpN4eOyVTGfhEClj8jTk+0hAeFVq4jMY1R2VE0A9WdDzi0jlp2l:3bXE9OiTGfhEClq9ZY2Vmex6
Score
8/10
-
Blocklisted process makes network request
-
Drops file in Drivers directory
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-