Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
fd163fd39079c61bd16fc6d78e653289400443b771e28b0b15c8bb0e9ca38506
-
Size
235KB
-
Sample
221020-lqrp2sgacn
-
MD5
5fcdf5c35a7cbe6a59524c1f0f328cfb
-
SHA1
a37be0a5af9e81ff97aaddad0c346dd80eb76b18
-
SHA256
fd163fd39079c61bd16fc6d78e653289400443b771e28b0b15c8bb0e9ca38506
-
SHA512
fa7c3d348326cb62264b252a78bea14b8c23ecd1d4a2574e7893b5212bbc9a1b9e8aa67f2a39c08b6a618459d59a57034031cf21bc3ffb4ffe0e751985998014
-
SSDEEP
3072:3Gvo6giwpW9DGD2VdKvY/gIg/CtTIuOmxkiozXgeXdHwTBf4Wgczc+0ieoM:3G377xS2Vp2CeiorXdwTBgWx4D
Malware Config
Targets
-
-
Target
fd163fd39079c61bd16fc6d78e653289400443b771e28b0b15c8bb0e9ca38506
-
Size
235KB
-
MD5
5fcdf5c35a7cbe6a59524c1f0f328cfb
-
SHA1
a37be0a5af9e81ff97aaddad0c346dd80eb76b18
-
SHA256
fd163fd39079c61bd16fc6d78e653289400443b771e28b0b15c8bb0e9ca38506
-
SHA512
fa7c3d348326cb62264b252a78bea14b8c23ecd1d4a2574e7893b5212bbc9a1b9e8aa67f2a39c08b6a618459d59a57034031cf21bc3ffb4ffe0e751985998014
-
SSDEEP
3072:3Gvo6giwpW9DGD2VdKvY/gIg/CtTIuOmxkiozXgeXdHwTBf4Wgczc+0ieoM:3G377xS2Vp2CeiorXdwTBgWx4D
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
UAC bypass
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
ModiLoader Second Stage
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-