Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2817d65c0ab640b500137372966ed9dcf8506b9a2415742c7c1824d4edb6e323
-
Size
73KB
-
Sample
221201-f6wfaahb43
-
MD5
f8b6ce4dc6e3a0a0230c9906cc57cc5f
-
SHA1
071e5e9063b5dff5433677c46c794626fe6fbcc2
-
SHA256
2817d65c0ab640b500137372966ed9dcf8506b9a2415742c7c1824d4edb6e323
-
SHA512
4f7e16cd1d487eedb40fc5b4e9b9b358bb6d52fa830d75616e6ba3a0a77642a8b6634d74ecdfba918d7af044ac6279e9709ab6d6d4136a501698db5347c84047
-
SSDEEP
1536:XZqCO2BfXgTjwwy4rsp8JzEi5o0FfmGsG7rW/raJ90Qg8bd:XU2NgVnEQomlrW/cPgcd
Static task
static1
Behavioral task
behavioral1
Sample
2817d65c0ab640b500137372966ed9dcf8506b9a2415742c7c1824d4edb6e323.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
2817d65c0ab640b500137372966ed9dcf8506b9a2415742c7c1824d4edb6e323.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
2817d65c0ab640b500137372966ed9dcf8506b9a2415742c7c1824d4edb6e323
-
Size
73KB
-
MD5
f8b6ce4dc6e3a0a0230c9906cc57cc5f
-
SHA1
071e5e9063b5dff5433677c46c794626fe6fbcc2
-
SHA256
2817d65c0ab640b500137372966ed9dcf8506b9a2415742c7c1824d4edb6e323
-
SHA512
4f7e16cd1d487eedb40fc5b4e9b9b358bb6d52fa830d75616e6ba3a0a77642a8b6634d74ecdfba918d7af044ac6279e9709ab6d6d4136a501698db5347c84047
-
SSDEEP
1536:XZqCO2BfXgTjwwy4rsp8JzEi5o0FfmGsG7rW/raJ90Qg8bd:XU2NgVnEQomlrW/cPgcd
Score10/10-
Modifies firewall policy service
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-