General
Target: 83939663-3b6c-beec-f375-09e921b96ec1.eml
Size: 642KB
Sample: 221130-24zktage6s
MD5: e3868602935b48670ba95b65652b6bde
SHA1: 8f77a53b5f0d1c28d2c4e1d759cefff99abe18f8
SHA256: e5f3503e7e13fbd6944429f7cdc31515a464a0852400d244d385753fffcb74b0
SHA512: 5799511c552d196e42f2680ebcba83c0ce24b5c04a0b0f4de04624a16ed4bcb264d8229046ed624289f9726d57eee0039eeec52f76357171ff671681b81828a0
SSDEEP: 12288:hAdLetT489/UbVnJb4XgC5J3d1dZ+gIbzePCSx:K6xeEwed1dZ+gGePl

Static task: static1

Behavioral task: behavioral1
Sample: Comprobante de pago.vbs
Resource: win10-20220901-en

Behavioral task: behavioral2
Sample: Comprobante de pago.vbs
Resource: win10v2004-20220812-en

Malware Config

Targets
Target: Comprobante de pago.vbs
Size: 458KB
MD5: b850dc23232f57ca017501c3466e2dae
SHA1: 32955a66920f793b29b9c759e94b937444fc9e67
SHA256: 2474c4600024152198c6343099f27f6738c91331f20845fa098437ccc292c774
SHA512: d1a9705b750b84579e41047776cb09622464e1a55c990ac1fb4167b52d58304d29884e6b381ba486f4ff6d9590bda55b2d71cca612ae4b0031622cd9b6091e94
SSDEEP: 6144:vABlsHrxVHvRQn/pdizJ2lqNgNr8PKIfg2LY40gPbN8oKsCFIl/:qlsHrzHv2n/i8o0r8Pzg2H0mKsbt
Score: 7/10

Checks QEMU agent file
Checks presence of QEMU agent, possibly to detect virtualization.

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Suspicious use of NtSetInformationThreadHideFromDebugger

Suspicious use of SetThreadContext