General
Target: 47857977c75e866d76bd0bfc27d9c46f73376be05c01199b48c105919d4c8ff9
Size: 629KB
Sample: 221003-d7bq6afhdp
MD5: 450060ccd8b9d7d412c94d95633543e1
SHA1: 7e1c2de473b6d376799651f14280f4f8ad3ce8fb
SHA256: 47857977c75e866d76bd0bfc27d9c46f73376be05c01199b48c105919d4c8ff9
SHA512: 4603f28974a45fe05d9df6c1e98a9ab48f0d6a012c1c842bc2535878609f988f20273b5d5de52216d177daf27c7282822eafcfa1780168d2bf0fe27767edd41b
SSDEEP: 12288:2N+LbOurqW8AuLexBtRDgNCrrxHeGCcOHO:FOurqW8AuL8fD4CrrsGCcaO
Static task: static1
Behavioral task: behavioral1
Sample: 47857977c75e866d76bd0bfc27d9c46f73376be05c01199b48c105919d4c8ff9.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: 47857977c75e866d76bd0bfc27d9c46f73376be05c01199b48c105919d4c8ff9.exe
Resource: win10v2004-20220901-en
Malware Config
Targets
Target
47857977c75e866d76bd0bfc27d9c46f73376be05c01199b48c105919d4c8ff9
Score: 8/10
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Loads dropped DLL
Adds Run key to start application
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
Suspicious use of SetThreadContext