General
Target: 8d46982ffd5dd5a49d9b22a91fa7b8d92a9af94ef495a611cf1a81d1cfef714e
Size: 324KB
Sample: 221011-wmm8kageb9
MD5: 218a40b442c19f628860b16f682bb78a
SHA1: 366cb6a9be431f01b90f4b9ea5f12a0200d76887
SHA256: 8d46982ffd5dd5a49d9b22a91fa7b8d92a9af94ef495a611cf1a81d1cfef714e
SHA512: 466cd1ceda5e611d51f1904aab711c873268b6dc597a00cc4916b81af5a2cad8ff8511f265bf993b6ded6d1a176a906d75edc5d2482d9aa0f5935fa9f71203ab
SSDEEP: 6144:gAySm9gM+TSmcgMc9Sm4rRK58UOzD4nvNDqGbMg/JFglpG+JJw6V:gAtMsv5MEt4rc58U5vBVbn/JF0b
Static task: static1
Behavioral task: behavioral1
Sample: 8d46982ffd5dd5a49d9b22a91fa7b8d92a9af94ef495a611cf1a81d1cfef714e.exe
Resource: win7-20220812-en
Malware Config
Targets
Target: 8d46982ffd5dd5a49d9b22a91fa7b8d92a9af94ef495a611cf1a81d1cfef714e
- Executes dropped EXE
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext