Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
48fd638afdd90873af1e76b1bb8795f633dc684862c453a74a55056734f43e0c
-
Size
628KB
-
Sample
221129-glykksbe95
-
MD5
08922375cc15814566a10af3e3ee0500
-
SHA1
54c653d3ee88bbb0873db3a4c26490bdf9128706
-
SHA256
48fd638afdd90873af1e76b1bb8795f633dc684862c453a74a55056734f43e0c
-
SHA512
1f2eb6d7d09489cc5f5cc469841806238406f37dc87b1be70820478d566224374592682f208a6667e306b7a3ca03a7f769f95f9fe44ab36087c76fb84d3f554c
-
SSDEEP
12288:ON+LbOurqW8AuLexBtRDgNCrrxHeGCcD:NOurqW8AuL8fD4CrrsGCcD
Static task
static1
Behavioral task
behavioral1
Sample
48fd638afdd90873af1e76b1bb8795f633dc684862c453a74a55056734f43e0c.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
48fd638afdd90873af1e76b1bb8795f633dc684862c453a74a55056734f43e0c.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
48fd638afdd90873af1e76b1bb8795f633dc684862c453a74a55056734f43e0c
-
Size
628KB
-
MD5
08922375cc15814566a10af3e3ee0500
-
SHA1
54c653d3ee88bbb0873db3a4c26490bdf9128706
-
SHA256
48fd638afdd90873af1e76b1bb8795f633dc684862c453a74a55056734f43e0c
-
SHA512
1f2eb6d7d09489cc5f5cc469841806238406f37dc87b1be70820478d566224374592682f208a6667e306b7a3ca03a7f769f95f9fe44ab36087c76fb84d3f554c
-
SSDEEP
12288:ON+LbOurqW8AuLexBtRDgNCrrxHeGCcD:NOurqW8AuL8fD4CrrsGCcD
Score8/10-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Suspicious use of SetThreadContext
-