General
Target: 00F1S56789S0W1PAGO198CCS716.zip
Size: 5.1MB
Sample: 221020-xqma4saff3
MD5: da8e62e4fc690717033d31a48ff11990
SHA1: 2cf5194673311b0b3a2f4e88f31c37dfd94dc301
SHA256: 4fd239fb48b377bf8ea5165548643bbf0bcc24183e0de92bd39bd0f85da53f8c
SHA512: 8ce017d620e9fc3771fb9abd63494492f80f8e442ff40b65c18d2379a1c15d5d496f4dfcfbf373d7efbd691a8c2927dd35d936a66b2e279489d8528da1fb5e02
SSDEEP: 98304:tuqxyTJfOHKM5s1JeUkirKwQitd6Xgg3D4Xe2yr3633xUvDSVBr8:tFA1GHKM21JQip/PMDNFrwUvDSV98
Static task: static1
Behavioral task: behavioral1
  Sample: 00F1S56789S0W1PAGO198CCS716.zip
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: 00F1S56789S0W1PAGO198CCS716.zip
  Resource: win10v2004-20220812-en
Behavioral task: behavioral3
  Sample: 00F1S56789S0W1PAGO198CCS716.msi
  Resource: win7-20220812-en
Behavioral task: behavioral4
  Sample: 00F1S56789S0W1PAGO198CCS716.msi
  Resource: win10v2004-20220901-en
Malware Config
Targets
Target: 00F1S56789S0W1PAGO198CCS716.zip
Size: 5.1MB
MD5: da8e62e4fc690717033d31a48ff11990
SHA1: 2cf5194673311b0b3a2f4e88f31c37dfd94dc301
SHA256: 4fd239fb48b377bf8ea5165548643bbf0bcc24183e0de92bd39bd0f85da53f8c
SHA512: 8ce017d620e9fc3771fb9abd63494492f80f8e442ff40b65c18d2379a1c15d5d496f4dfcfbf373d7efbd691a8c2927dd35d936a66b2e279489d8528da1fb5e02
SSDEEP: 98304:tuqxyTJfOHKM5s1JeUkirKwQitd6Xgg3D4Xe2yr3633xUvDSVBr8:tFA1GHKM21JQip/PMDNFrwUvDSV98
Score: 1/10
Target: 00F1S56789S0W1PAGO198CCS716.msi
Size: 5.6MB
MD5: 9954caa0ca30ffe96b4707dc93f6e607
SHA1: 570d59cedeb20e4a7db84311741655f45ffdd519
SHA256: ca4519fc650d94793df6cc7045548946c49dcfde58891d8afd1c38103a297d12
SHA512: 8ab5ce0a24fcb7465b5c1a83b7c88629514dce7fa7fd1078cd3aa78a608455c88c766c997d4f067659adb44f4a3154412248a92ce9da78688c9320dad83eb58b
SSDEEP: 98304:jYOJapMr9FODk8Q6zwYmtwC+UDH6fqy3buT+4OD16dZxCD8YWWgLB8eCA:LAuJoezjTub3xDiCIY1i
Score: 8/10
Blocklisted process makes network request
Loads dropped DLL
Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.