Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
8237036400.zip
-
Size
137KB
-
Sample
221025-jzze5scabj
-
MD5
fd4ca747dd49b75366b0df7358262c33
-
SHA1
18e801a7a742b30073dbe717f797e225462537a0
-
SHA256
6b375dbe5a71358422e1f667e00b4c9180d657799b8f4940eefc8d14653b536a
-
SHA512
8bc04b536aca7ef6a4bed1596c1947a07a44e24ff522a337ad6776a3b796a7093820a6fb454b68b6299f3236754e35cfc1839eb75be3cd8827e4368f3b4955cd
-
SSDEEP
3072:RxHXaBqXNj/l7Uss1lz4Vtp88R9pBQ2n/PhaRXTYc4rUy1T:RJoqnZaq8uBt/PETYPrUAT
Static task
static1
Behavioral task
behavioral1
Sample
45f293b1b5a4aaec48ac943696302bac9c893867f1fc282e85ed8341dd2f0f50.docm
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
45f293b1b5a4aaec48ac943696302bac9c893867f1fc282e85ed8341dd2f0f50.docm
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
45f293b1b5a4aaec48ac943696302bac9c893867f1fc282e85ed8341dd2f0f50
-
Size
143KB
-
MD5
f769f67681707e8f69ecdf9e62fb944c
-
SHA1
c5f6a48fa52a279e1f3424b97662b479716229af
-
SHA256
45f293b1b5a4aaec48ac943696302bac9c893867f1fc282e85ed8341dd2f0f50
-
SHA512
779caa9c7efac57edc6078d212b04a930d66fa10b50967bb1b9131c9e240f40f09e6f81812583770e7ffac51d7d0e23b57e20e6a7719d73ab2f1673cb17943a9
-
SSDEEP
3072:2e3HSOTf6Mqfb041n8Vj9SmUNRzw16vDhLfByVBZsqnCVL:2eiObpS1nY9fqzjvDZoDsqngL
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-