Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
af830999799b96a0e6d9d2034351aa4a3ef37eb19238d729e5b579baac1ff89d
-
Size
389KB
-
Sample
221129-dnbl2sdf6y
-
MD5
b6f44530923ed01c9d8339cfafca2499
-
SHA1
b478caf17103ecee9bd78e604f76145b910549ef
-
SHA256
af830999799b96a0e6d9d2034351aa4a3ef37eb19238d729e5b579baac1ff89d
-
SHA512
185990df0173af4e68c7e0f10bb25b81cfa6ff7441254eb1a41b52a9c3a5dedb8681095c06f41442a7a9979ee14cf4526537592022d15460ece13ea60d5230ad
-
SSDEEP
3072:Pe41fGxM8/R2ljNjbbYewzYS/nnSXjyV8n167SaaHNhXV3+050jIkTHGGrb/SCdK:mAOOeeNbE0SSzO8163F05kxdb965w2Ug
Malware Config
Targets
-
-
Target
af830999799b96a0e6d9d2034351aa4a3ef37eb19238d729e5b579baac1ff89d
-
Size
389KB
-
MD5
b6f44530923ed01c9d8339cfafca2499
-
SHA1
b478caf17103ecee9bd78e604f76145b910549ef
-
SHA256
af830999799b96a0e6d9d2034351aa4a3ef37eb19238d729e5b579baac1ff89d
-
SHA512
185990df0173af4e68c7e0f10bb25b81cfa6ff7441254eb1a41b52a9c3a5dedb8681095c06f41442a7a9979ee14cf4526537592022d15460ece13ea60d5230ad
-
SSDEEP
3072:Pe41fGxM8/R2ljNjbbYewzYS/nnSXjyV8n167SaaHNhXV3+050jIkTHGGrb/SCdK:mAOOeeNbE0SSzO8163F05kxdb965w2Ug
Score8/10-
Executes dropped EXE
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-