General
Target: ce43c0ca5d5ec2b0e0c7041119cfa27dd1f665e3ce3c265fa34a41a805bf9ca6
Size: 1.1MB
Sample: 221127-rmb33sha61
MD5: 3cfa0fe00f1a1af8d5169901b2950814
SHA1: b5af2708350427f7f0f8ed1513578a044977112b
SHA256: ce43c0ca5d5ec2b0e0c7041119cfa27dd1f665e3ce3c265fa34a41a805bf9ca6
SHA512: 168e67d8ff5e2a9dfb4e8e1eeaf8e3bc6b3e334dea3beb4c50b854bc57586b1172ca0ba9985ecc6c31cba67fa9417ebdbe8d831fe1a55f48cef4dc9b05fc5fd3
SSDEEP: 24576:Mfz6TDfxW/bdSmPvA+Cm1tKUa7cNJv9Zf0:MCDpW5SqZCmqv7cNJvTc
Static task: static1
Behavioral task: behavioral1
Sample: ce43c0ca5d5ec2b0e0c7041119cfa27dd1f665e3ce3c265fa34a41a805bf9ca6.exe
Resource: win7-20221111-en
Malware Config
Targets
Target
ce43c0ca5d5ec2b0e0c7041119cfa27dd1f665e3ce3c265fa34a41a805bf9ca6
- ACProtect 1.3x - 1.4x DLL software: Detects file using ACProtect software.
- Executes dropped EXE
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Loads dropped DLL
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.