Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
bb90548c9c0dd6e411c236b55004a392
-
Size
388KB
-
Sample
221122-dp1ybsca5v
-
MD5
bb90548c9c0dd6e411c236b55004a392
-
SHA1
1e1db20778c735c26ac2411fa565a1ff43405327
-
SHA256
f7c1423cc7223b0490b8e98cb656a09eef624c9d0e1f00445031b1c635692b5d
-
SHA512
12ba06a936605a3ec6873489c863b1e922e2f989d4cab5c73936f6e9699e6a6760a8c001cfbe2ad7cad007b573f563fbea74125abc547eda409403cc4cf05231
-
SSDEEP
6144:pOYGXaPNxdgSdcq2pVZPOJHAbKSXXDYrM2Vfmq7k3ivPjVbdgZK:1GqN/XdctpVtkiXXDCOZij3Z
Static task
static1
Behavioral task
behavioral1
Sample
bb90548c9c0dd6e411c236b55004a392.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
bb90548c9c0dd6e411c236b55004a392.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
bb90548c9c0dd6e411c236b55004a392
-
Size
388KB
-
MD5
bb90548c9c0dd6e411c236b55004a392
-
SHA1
1e1db20778c735c26ac2411fa565a1ff43405327
-
SHA256
f7c1423cc7223b0490b8e98cb656a09eef624c9d0e1f00445031b1c635692b5d
-
SHA512
12ba06a936605a3ec6873489c863b1e922e2f989d4cab5c73936f6e9699e6a6760a8c001cfbe2ad7cad007b573f563fbea74125abc547eda409403cc4cf05231
-
SSDEEP
6144:pOYGXaPNxdgSdcq2pVZPOJHAbKSXXDYrM2Vfmq7k3ivPjVbdgZK:1GqN/XdctpVtkiXXDCOZij3Z
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Drops file in System32 directory
-