Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
8a47f22324c992de1a575a3380157a69784d20e438e98401d8d6728f4f2f06ae
-
Size
323KB
-
Sample
221107-bpdfxsdear
-
MD5
060bbbcd3963eb24d07ca1de2f85c670
-
SHA1
c69df2e3b28fc02926c26e25ccef95c8543886db
-
SHA256
8a47f22324c992de1a575a3380157a69784d20e438e98401d8d6728f4f2f06ae
-
SHA512
a3419b46e63aabf730ee61a172e315608f6841caadf4a014c8a162676028cc424720033ddede6d040e5327d86d3d8c8ff5aa721297b54d404a38c1792b2dec8e
-
SSDEEP
6144:MDRgvR2pZRhXQLOzSE8x2OZZGDvMOjWkfJBpybuqq0K5Mxn:MDRTXjXQ6zSE8xnavjKkfJ7yFq0K5yn
Malware Config
Targets
-
-
Target
8a47f22324c992de1a575a3380157a69784d20e438e98401d8d6728f4f2f06ae
-
Size
323KB
-
MD5
060bbbcd3963eb24d07ca1de2f85c670
-
SHA1
c69df2e3b28fc02926c26e25ccef95c8543886db
-
SHA256
8a47f22324c992de1a575a3380157a69784d20e438e98401d8d6728f4f2f06ae
-
SHA512
a3419b46e63aabf730ee61a172e315608f6841caadf4a014c8a162676028cc424720033ddede6d040e5327d86d3d8c8ff5aa721297b54d404a38c1792b2dec8e
-
SSDEEP
6144:MDRgvR2pZRhXQLOzSE8x2OZZGDvMOjWkfJBpybuqq0K5Mxn:MDRTXjXQ6zSE8xnavjKkfJ7yFq0K5yn
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-