Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
66f6904751985f14aea6e5ff73c7ccd6fc68b4795b9a7bc0f4665f094b4f02f6
-
Size
890KB
-
Sample
221201-ecwzaabg37
-
MD5
9c0b63cb17fa4ee66900da0f06cc3e4e
-
SHA1
ac19722da1fbf52eb9656ba59d818906829220f0
-
SHA256
66f6904751985f14aea6e5ff73c7ccd6fc68b4795b9a7bc0f4665f094b4f02f6
-
SHA512
f18d6349f5cb180f2f8179d3c94dd1da6978e7dfc04ff9aa495b32a7d0b793f2df5b4c3fab7d9e262fd2b1f589b19ed0644c00f93a713397796e7c81f00e7a97
-
SSDEEP
1536:hO20qHkRRNpTNJo9KJt7i3ukMV111I8Yp45wzvShJFIn8lq93oFDeUXtk3ns:hMRjVo9uFiJu11upaEMq8Y3Utm
Static task
static1
Behavioral task
behavioral1
Sample
66f6904751985f14aea6e5ff73c7ccd6fc68b4795b9a7bc0f4665f094b4f02f6.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
66f6904751985f14aea6e5ff73c7ccd6fc68b4795b9a7bc0f4665f094b4f02f6.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
66f6904751985f14aea6e5ff73c7ccd6fc68b4795b9a7bc0f4665f094b4f02f6
-
Size
890KB
-
MD5
9c0b63cb17fa4ee66900da0f06cc3e4e
-
SHA1
ac19722da1fbf52eb9656ba59d818906829220f0
-
SHA256
66f6904751985f14aea6e5ff73c7ccd6fc68b4795b9a7bc0f4665f094b4f02f6
-
SHA512
f18d6349f5cb180f2f8179d3c94dd1da6978e7dfc04ff9aa495b32a7d0b793f2df5b4c3fab7d9e262fd2b1f589b19ed0644c00f93a713397796e7c81f00e7a97
-
SSDEEP
1536:hO20qHkRRNpTNJo9KJt7i3ukMV111I8Yp45wzvShJFIn8lq93oFDeUXtk3ns:hMRjVo9uFiJu11upaEMq8Y3Utm
-
Modifies firewall policy service
-
Modifies security service
-
Modifies visibility of file extensions in Explorer
-
Modifies visiblity of hidden/system files in Explorer
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
Disables taskbar notifications via registry modification
-
Drops file in Drivers directory
-
Executes dropped EXE
-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-