Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
7d83d737bae2597faf8f2ea8347e0c730a66a2049ef4bf2d7852488a34eaf17e
-
Size
1.0MB
-
Sample
221003-19hntaaab4
-
MD5
6575b134dd7b050d597ef0475d0e1585
-
SHA1
6fbc76429ccbbf9dbdee4c86b1d61f612e70f60e
-
SHA256
7d83d737bae2597faf8f2ea8347e0c730a66a2049ef4bf2d7852488a34eaf17e
-
SHA512
8628530230d14ad428d0c28bfd0e9363858c44b95a614127e7a57c284c605be19e7e6d0a5b4b5ccfdad5135f670507b23238d507c0e4e05891d05dd0e9de3014
-
SSDEEP
24576:MQCMf3oQlibOIQxiZY1Oa7RlOoIT40sAZw8Ts:UMPoQlATFZY1Oa7Rl+e
Static task
static1
Behavioral task
behavioral1
Sample
7d83d737bae2597faf8f2ea8347e0c730a66a2049ef4bf2d7852488a34eaf17e.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
7d83d737bae2597faf8f2ea8347e0c730a66a2049ef4bf2d7852488a34eaf17e.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
7d83d737bae2597faf8f2ea8347e0c730a66a2049ef4bf2d7852488a34eaf17e
-
Size
1.0MB
-
MD5
6575b134dd7b050d597ef0475d0e1585
-
SHA1
6fbc76429ccbbf9dbdee4c86b1d61f612e70f60e
-
SHA256
7d83d737bae2597faf8f2ea8347e0c730a66a2049ef4bf2d7852488a34eaf17e
-
SHA512
8628530230d14ad428d0c28bfd0e9363858c44b95a614127e7a57c284c605be19e7e6d0a5b4b5ccfdad5135f670507b23238d507c0e4e05891d05dd0e9de3014
-
SSDEEP
24576:MQCMf3oQlibOIQxiZY1Oa7RlOoIT40sAZw8Ts:UMPoQlATFZY1Oa7Rl+e
Score8/10-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-