General
Target: 23fab8e73a76e15208fd9b6085c56f8340c1b2e1879b6676c06314d1781f2b4c
Size: 460KB
Sample: 221002-apq7caegfm
MD5: 59e5709610450cd0910d414a37f0c004
SHA1: de8d36bfc5c392f62a6b6019b0607ff3b8408dbf
SHA256: 23fab8e73a76e15208fd9b6085c56f8340c1b2e1879b6676c06314d1781f2b4c
SHA512: 7d689f3edbaccc4087c2f33279a5fa956ae9d9c5b35d17c5f0475decd951097d627276661f8048a12cb0b62304fc79e268102a44768b2506595ddf39e458b2eb
SSDEEP: 12288:zlSt6oIHNOhU5O5TYo4XqTig5GSR9CClDDL:zlSt69HNx6T/5xT
Static task: static1
Behavioral task: behavioral1
Sample: 23fab8e73a76e15208fd9b6085c56f8340c1b2e1879b6676c06314d1781f2b4c.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: 23fab8e73a76e15208fd9b6085c56f8340c1b2e1879b6676c06314d1781f2b4c.exe
Resource: win10v2004-20220901-en
Malware Config
Targets
Target: 23fab8e73a76e15208fd9b6085c56f8340c1b2e1879b6676c06314d1781f2b4c
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application
Drops desktop.ini file(s)
Suspicious use of SetThreadContext