General
-
Target
8105306280.zip
-
Size
701KB
-
Sample
221005-v232wsfac5
-
MD5
54102dc17bc1407dffec941a0316867e
-
SHA1
b12bf0ccde1050b2706f9c8ce4c3f02a8e13e90e
-
SHA256
c5348deafddbf3beed31d22285cabbb1f3c55c0123b3e0d47a3edd79586c4a1d
-
SHA512
83e1d201993b1cd836fbde45b0b60a67691a0960a5bdfae5de34891373345cedc7537748183ca54366baa0dfd276d4a4a4c1daaa8b3ad4e82b89c2657ebfd734
-
SSDEEP
12288:IV5p2TiiVZIv9g81RPT7OZOTfsGqmsffjZr6Sc5RHz3QGXAGhJl43aL7byO/Rs9d:IlOiiX5wRriZhvMSc5RHz3PtTl43qSOE
Static task
static1
Behavioral task
behavioral1
Sample
e6c39cc0b7a7ad889fd345475f0b7d5ea740caba70bc4f57564e760e8a52f6ad.msi
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
e6c39cc0b7a7ad889fd345475f0b7d5ea740caba70bc4f57564e760e8a52f6ad.msi
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
e6c39cc0b7a7ad889fd345475f0b7d5ea740caba70bc4f57564e760e8a52f6ad
-
Size
1.4MB
-
MD5
563f30a6c6d9978c30e8416542ad6041
-
SHA1
44ea4b43e5cb20ce9140297f7bcf87f028e0830b
-
SHA256
e6c39cc0b7a7ad889fd345475f0b7d5ea740caba70bc4f57564e760e8a52f6ad
-
SHA512
3d1fcb48c2ac03ac9c1e7fa6fdda611b45e4f36fba0ddf42fa2d7ab8027a19ae8b3937c97ef004812bfb9dd99c5c0f00c6b5162a5f6d536a0cedb47ad063d3b5
-
SSDEEP
24576:jJjyyzQyz5io+HExGWUAyiqZpBqnGIQ5M6DLrVVdWGA13IqMXSpS2SDTQuV+vJFo:jJjrz5io+HGGWxyzXlrXVVdWGA13I1Xd
Score
8/10
-
Blocklisted process makes network request
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Legitimate hosting services abused for malware hosting/C2
-