General
-
Target
901f242e277472b0f214055410ff8e36fe1385e45b5ff6a628db8a4a6ca00eb9
-
Size
345KB
-
Sample
221126-b8xznsda85
-
MD5
e2c77052b14aebb6d5fe7cfe2d7245ea
-
SHA1
743f660f1b12a8e304ea85db024975a3777d9794
-
SHA256
901f242e277472b0f214055410ff8e36fe1385e45b5ff6a628db8a4a6ca00eb9
-
SHA512
efacccd99eb4f196feb99a44179233d46a16d8ba51c07ad3bcaac7a3fd1eaef5f775c2d5aa3b6eacd736d1ac4f5e161d079c8c107359c90d2f543bfa585b45b7
-
SSDEEP
6144:yCp6Q3Ow9J9HSO7Ktol68AE+0csAfWkrX/Qt+ALbEWe5p/cT:L6Q3BLHLlPzHkfrL/Qt+A835
Static task
static1
Behavioral task
behavioral1
Sample
901f242e277472b0f214055410ff8e36fe1385e45b5ff6a628db8a4a6ca00eb9.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
901f242e277472b0f214055410ff8e36fe1385e45b5ff6a628db8a4a6ca00eb9.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
Target
901f242e277472b0f214055410ff8e36fe1385e45b5ff6a628db8a4a6ca00eb9
-
Score
10/10
-
Modifies WinLogon for persistence
-
Sets file execution options in registry
-
Adds Run key to start application
-
Checks for any installed AV software in registry
-
Drops desktop.ini file(s)
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-