General
Target: b6fd7ee74364bd34e37198495f9be07b9c9af6e092d9db4bfa402b7d15dd4fa2
Size: 4.1MB
Sample: 221027-x3a4lsdcdr
MD5: 7e04444ee65a57a6f1e8186484a273ca
SHA1: bf9dfdeb5c1af2d48922dc91eb24cdce76bc6e07
SHA256: b6fd7ee74364bd34e37198495f9be07b9c9af6e092d9db4bfa402b7d15dd4fa2
SHA512: 7af8d5d6dccbbf5679ba262cb6d6273cbb4e1d72d42d51418c60edddfa4fd7ea9f8359d5b71982ebdab7823007fe11e0b75a76213b24de564bfbb73f9a42a55c
SSDEEP: 98304:v7VA/JIGqUDibWRxEjsRR8T7oAFlzAiYD9oeyNsSGGhShvOBPRXVMG9RmmgRbqV:JgyArx+6REoAFlzAbDy1GGsQ9lFYm0bI
Static task
static1
Malware Config
Targets
Target: b6fd7ee74364bd34e37198495f9be07b9c9af6e092d9db4bfa402b7d15dd4fa2
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Modifies Windows Firewall
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.