General
-
Target
Sample.exe
-
Size
134.8MB
-
Sample
221012-sfnc7sgehq
-
MD5
b91f99b87d1b4b97de96809626dce0f7
-
SHA1
6ba6325ffd36a0ee0ce6e3628d91848a9757dd91
-
SHA256
4773be03b5794908a31aba98a946f02eec075bb7144411bec6d9fa88bb6d5e8e
-
SHA512
72532f9102d43a78dac3563d881df6d207540544c5702c85f3560a321e32507ea9160eeea29a8e533a52ffe930b7042f80b22a037b1e5d2c10f12f17476f9b14
-
SSDEEP
3145728:Xmx2gA7SyL7n56rVjfgK+BSQUE19x2gAGN0GYNbVZ5ZNaZWwGA:4/yHSVLgK+BfLzNXEZN/bA
Static task
static1
Behavioral task
behavioral1
Sample
Sample.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
Sample.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
Sample.exe
Score
8/10
-
Contacts a large (1029) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Legitimate hosting services abused for malware hosting/C2
-