General
Target: setup.exe
Size: 81.7MB
Sample: 221025-a5ylcsbbcp
MD5: af71d4b1b7ab5974c3565f9bc5aa5547
SHA1: 75c653ff9173a70d6bcb60a84a96f14ecb666bec
SHA256: ca202c0380d05a819d48182f21af070112b39a4a2f26f9c3b6d2caeaa2fdfb87
SHA512: 855a9713f372cc1b280bb04a9183c9b060478e196cb78d06afe9083f55bdd4686befb2e1fa636381ce45269cbcc4235e6d3126429c0913878fa2492f718055de
SSDEEP: 393216:J+UwcyJhoonKYTXOnz3L2Vmd6mI/m3pyc/eO47G99MJBJHYJwMia/qdh:okyJ+UdTX4byVmdSKyuP+JGwla/qdh
Behavioral task: behavioral1
Sample: setup.exe
Resource: win10-20220812-en
Malware Config
Targets
Score: 7/10
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2
Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
Suspicious use of NtSetInformationThreadHideFromDebugger