Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
4cc8eafc48b7a4f3752e1181159ffbb25eeac29105611c0cad31ce845e47ac9b
-
Size
144KB
-
Sample
221201-3epjzsfa3z
-
MD5
e51c9656caaa74ae856dd67c5e4bbaf0
-
SHA1
8aac8ca17dbc5864f14422771f6781ca6bcc2444
-
SHA256
4cc8eafc48b7a4f3752e1181159ffbb25eeac29105611c0cad31ce845e47ac9b
-
SHA512
7002f55065bba31088caac4f14dc0af065674c29e8fcbe48b05b97e55af3f62723b58c47620471f4c3d484efcce4eadc453b2d126e75b0852ddfc8c98c5d7643
-
SSDEEP
3072:T4Dq0BO5VIdhvoiOhkidHTBzSP052WKKM4XR14dv:69vhOhjdzBGPeHKIrY
Malware Config
Targets
-
-
Target
4cc8eafc48b7a4f3752e1181159ffbb25eeac29105611c0cad31ce845e47ac9b
-
Size
144KB
-
MD5
e51c9656caaa74ae856dd67c5e4bbaf0
-
SHA1
8aac8ca17dbc5864f14422771f6781ca6bcc2444
-
SHA256
4cc8eafc48b7a4f3752e1181159ffbb25eeac29105611c0cad31ce845e47ac9b
-
SHA512
7002f55065bba31088caac4f14dc0af065674c29e8fcbe48b05b97e55af3f62723b58c47620471f4c3d484efcce4eadc453b2d126e75b0852ddfc8c98c5d7643
-
SSDEEP
3072:T4Dq0BO5VIdhvoiOhkidHTBzSP052WKKM4XR14dv:69vhOhjdzBGPeHKIrY
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Suspicious use of SetThreadContext
-