Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
9af414175d1a699f426f5c071c691a560633db47b8d59c9f53298a6eebb206a6
-
Size
888KB
-
Sample
221030-vprhbsbcc4
-
MD5
82e29f4581342f7d18464fe7935bb600
-
SHA1
e0220e5ba3023f2fb42c2f9d379b809c3f2f7aca
-
SHA256
9af414175d1a699f426f5c071c691a560633db47b8d59c9f53298a6eebb206a6
-
SHA512
2ad530c75edc9c62b15ae1384b4c7f1a7b83d7407bab08ba580d540e1f09c423beda98006b1b3931447c82d78b783860e43541e545f2a206f70d78a153a1134e
-
SSDEEP
12288:VHATf2ycdFG9+krC8MIvumXdw9eDuUltBeDuUlVEtEvVxpbN:Va2ycPU+krC8tWAw+yxpbN
Static task
static1
Behavioral task
behavioral1
Sample
9af414175d1a699f426f5c071c691a560633db47b8d59c9f53298a6eebb206a6.exe
Resource
win7-20220812-en
Malware Config
Targets
-
-
Target
9af414175d1a699f426f5c071c691a560633db47b8d59c9f53298a6eebb206a6
-
Size
888KB
-
MD5
82e29f4581342f7d18464fe7935bb600
-
SHA1
e0220e5ba3023f2fb42c2f9d379b809c3f2f7aca
-
SHA256
9af414175d1a699f426f5c071c691a560633db47b8d59c9f53298a6eebb206a6
-
SHA512
2ad530c75edc9c62b15ae1384b4c7f1a7b83d7407bab08ba580d540e1f09c423beda98006b1b3931447c82d78b783860e43541e545f2a206f70d78a153a1134e
-
SSDEEP
12288:VHATf2ycdFG9+krC8MIvumXdw9eDuUltBeDuUlVEtEvVxpbN:Va2ycPU+krC8tWAw+yxpbN
-
Modifies WinLogon for persistence
-
Executes dropped EXE
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-