Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
070bc26b289a9c1b596772006af1c241ed0ebfb0fee1c0152157973ef61bb345
-
Size
10.0MB
-
Sample
221126-ar7xwahe87
-
MD5
b8c899ad14a17c09d384ab0407493208
-
SHA1
e892019fac46cefd25ed561b36d1ea279c023ce6
-
SHA256
070bc26b289a9c1b596772006af1c241ed0ebfb0fee1c0152157973ef61bb345
-
SHA512
a8ab017191401226344cdf5b62cd3ff38876f0afba3bdde56f8540cf98a91b0a4724b9f968d3b6101e1ae9eb08b49e8373caaf206a775964d3345bfe67489877
-
SSDEEP
1536:D0uOtMg/ShmxlXLaOkaF/KMGHLatFj3BYReOe7g3lvUlQLD/JpD0umXRe5wMvXmE:DjOtKSXugFQ6Fj8eaV7JhGe5wcXjKe
Malware Config
Targets
-
-
Target
070bc26b289a9c1b596772006af1c241ed0ebfb0fee1c0152157973ef61bb345
-
Size
10.0MB
-
MD5
b8c899ad14a17c09d384ab0407493208
-
SHA1
e892019fac46cefd25ed561b36d1ea279c023ce6
-
SHA256
070bc26b289a9c1b596772006af1c241ed0ebfb0fee1c0152157973ef61bb345
-
SHA512
a8ab017191401226344cdf5b62cd3ff38876f0afba3bdde56f8540cf98a91b0a4724b9f968d3b6101e1ae9eb08b49e8373caaf206a775964d3345bfe67489877
-
SSDEEP
1536:D0uOtMg/ShmxlXLaOkaF/KMGHLatFj3BYReOe7g3lvUlQLD/JpD0umXRe5wMvXmE:DjOtKSXugFQ6Fj8eaV7JhGe5wcXjKe
Score8/10-
Adds policy Run key to start application
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Suspicious use of SetThreadContext
-