Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
a9f43ef0b06830d6dc965d3cdb1f0ffb53e304676aadc01cf658c7c3e63502ad
-
Size
668KB
-
Sample
221029-131wtahheq
-
MD5
84ae63f85c75ceedb5e10acd1cdbb32d
-
SHA1
310cfaa0c80efa7128dabe7744be50df4522eb57
-
SHA256
a9f43ef0b06830d6dc965d3cdb1f0ffb53e304676aadc01cf658c7c3e63502ad
-
SHA512
a0f3bd2f3ad92255fbe16386b69f4b25fbfa69282fc2ef122900bcf7c27006b23af99a4d9de39148fb4afc7bd2f1ee211c0a3aac567d47706a667f7bc9abdfdc
-
SSDEEP
12288:/ArC/wrr9nkDpf+QsDJGhGszVuWSXLRmseOara:/Akwf9ekQsEgssLcs
Malware Config
Targets
-
-
Target
a9f43ef0b06830d6dc965d3cdb1f0ffb53e304676aadc01cf658c7c3e63502ad
-
Size
668KB
-
MD5
84ae63f85c75ceedb5e10acd1cdbb32d
-
SHA1
310cfaa0c80efa7128dabe7744be50df4522eb57
-
SHA256
a9f43ef0b06830d6dc965d3cdb1f0ffb53e304676aadc01cf658c7c3e63502ad
-
SHA512
a0f3bd2f3ad92255fbe16386b69f4b25fbfa69282fc2ef122900bcf7c27006b23af99a4d9de39148fb4afc7bd2f1ee211c0a3aac567d47706a667f7bc9abdfdc
-
SSDEEP
12288:/ArC/wrr9nkDpf+QsDJGhGszVuWSXLRmseOara:/Akwf9ekQsEgssLcs
Score8/10-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Detected potential entity reuse from brand microsoft.
-
Suspicious use of SetThreadContext
-