Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
db3af571f06fabfbbf6420bbefd4fac2b0b42e30b430e8740ba6a25bfe1d4ba2
-
Size
150KB
-
Sample
221019-1drxlshecj
-
MD5
919b2b1b92e8b165ef29740134b74cf0
-
SHA1
88dbc8d1fa65461552b8b7166cd4f83887535ce7
-
SHA256
db3af571f06fabfbbf6420bbefd4fac2b0b42e30b430e8740ba6a25bfe1d4ba2
-
SHA512
444f38e0a70ea275c37ab9f6776f94cd18bbd9a061d284ac014970c4f97092d226d0c8fe970667b3a28449c936bff67e43a1766bf1a5fb28b727e9c421d6cd8b
-
SSDEEP
768:hk33Rdt3vQBofYJaX2P8fojSgwFXdOL+vYhSw5fmWfgOFQWbHo7me/c7yA50o:hknRdt3vqoaxqo/wJdMQ2NmQbFQfHcJ
Static task
static1
Behavioral task
behavioral1
Sample
db3af571f06fabfbbf6420bbefd4fac2b0b42e30b430e8740ba6a25bfe1d4ba2.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
db3af571f06fabfbbf6420bbefd4fac2b0b42e30b430e8740ba6a25bfe1d4ba2.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
Protocol: ftp- Host:
arsensteller1.ucoz.ua - Port:
21 - Username:
aarsensteller1 - Password:
01072000a
Targets
-
-
Target
db3af571f06fabfbbf6420bbefd4fac2b0b42e30b430e8740ba6a25bfe1d4ba2
-
Size
150KB
-
MD5
919b2b1b92e8b165ef29740134b74cf0
-
SHA1
88dbc8d1fa65461552b8b7166cd4f83887535ce7
-
SHA256
db3af571f06fabfbbf6420bbefd4fac2b0b42e30b430e8740ba6a25bfe1d4ba2
-
SHA512
444f38e0a70ea275c37ab9f6776f94cd18bbd9a061d284ac014970c4f97092d226d0c8fe970667b3a28449c936bff67e43a1766bf1a5fb28b727e9c421d6cd8b
-
SSDEEP
768:hk33Rdt3vQBofYJaX2P8fojSgwFXdOL+vYhSw5fmWfgOFQWbHo7me/c7yA50o:hknRdt3vqoaxqo/wJdMQ2NmQbFQfHcJ
Score10/10-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-