General
-
Target
tmp
-
Size
1.0MB
-
Sample
221014-xp84gsebgp
-
MD5
da04d6b7b1499842ee15fd06f0753a7b
-
SHA1
51ab26f7074d2836ea4e1c3b9f0a9e8eb6b57929
-
SHA256
1046455f39dbe56dc8cc160ebc53b5b32315021af4a871c06235a5257e02f123
-
SHA512
6023ed14d7abdbcd734050ba46162024fd7b39eddad5973e7bdf5de7b1bdc233822c1a4f6027b99f3cebafeb46a41c5fdc82c693beaaa335065316cfdb382852
-
SSDEEP
12288:NyqF7UsDy+vMCt3kzBXDanOmitbih4Lb/aUIYfa7N2NZiuEQDFFAQSQy4At:NJF0UD3kNTcJhmzPZWwAtQy4A
Static task
static1
Behavioral task
behavioral1
Sample
tmp.exe
Resource
win7-20220812-en
Malware Config
Extracted
formbook
s8gw
aeneontrue.com
Targets
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-