General
-
Target
9dc478ae4703b0f80c54aaf229486bca68c1b7a3b7b77b0e8a6cbb52ece21317
-
Size
655KB
-
Sample
221004-hqx1aagfgm
-
MD5
17d3432705fa5e1bc0927753c56e824d
-
SHA1
4b2f15d8b13f3ffaa404256c3dcec865c6982597
-
SHA256
9dc478ae4703b0f80c54aaf229486bca68c1b7a3b7b77b0e8a6cbb52ece21317
-
SHA512
2e78b613c68ec971cbe3917849161b360b724c2b9c0a7c4038241a9fd0b32f48fd1a505b1f51ecde74a6958f5b66d965a51819cadb13dce0388b959d05c6fb7a
-
SSDEEP
12288:/ESqJwbBEE+tOi+c2xwlqXs4zUmvycM6xgNyJ6DsZuhEP60dIIFazZyun23:/EdYj+j+c21lz/VnxgAJxuOCciZzE
Static task
static1
Behavioral task
behavioral1
Sample
9dc478ae4703b0f80c54aaf229486bca68c1b7a3b7b77b0e8a6cbb52ece21317.exe
Resource
win7-20220812-en
Malware Config
Targets
Modifies security service
-
Modifies visibility of hidden/system files in Explorer
-
Disables taskbar notifications via registry modification
-
Executes dropped EXE
-
Modifies Installed Components in the registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Suspicious use of SetThreadContext
-