Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
aac79cbe3e30a4bc699a25ab330d951d6ad7b42b25c66a77ff1b7676b738356b
-
Size
355KB
-
Sample
221202-zrnxfagg5z
-
MD5
ff481f4c8fccf03ef83a7e7f54f6385d
-
SHA1
09d2797be0059562804469d5277f87475bec1470
-
SHA256
aac79cbe3e30a4bc699a25ab330d951d6ad7b42b25c66a77ff1b7676b738356b
-
SHA512
93b189df6f875a50de5675609c1da9c9e397e9f383d080fd2ea8e8597bae79e25d53fdcbf5116fec75aae01d2127b57a655a64f80166782319e96aff7b7e6b66
-
SSDEEP
6144:A2gbSUjtb9CCIXI7V7Ub/ZY0dTmQcG9u5IJLD+SmwNDJf2gcPJkX5Fl:KbAZZNJmGfJLCkN9f2nPJkXrl
Static task
static1
Behavioral task
behavioral1
Sample
aac79cbe3e30a4bc699a25ab330d951d6ad7b42b25c66a77ff1b7676b738356b.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
aac79cbe3e30a4bc699a25ab330d951d6ad7b42b25c66a77ff1b7676b738356b.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
aac79cbe3e30a4bc699a25ab330d951d6ad7b42b25c66a77ff1b7676b738356b
-
Size
355KB
-
MD5
ff481f4c8fccf03ef83a7e7f54f6385d
-
SHA1
09d2797be0059562804469d5277f87475bec1470
-
SHA256
aac79cbe3e30a4bc699a25ab330d951d6ad7b42b25c66a77ff1b7676b738356b
-
SHA512
93b189df6f875a50de5675609c1da9c9e397e9f383d080fd2ea8e8597bae79e25d53fdcbf5116fec75aae01d2127b57a655a64f80166782319e96aff7b7e6b66
-
SSDEEP
6144:A2gbSUjtb9CCIXI7V7Ub/ZY0dTmQcG9u5IJLD+SmwNDJf2gcPJkX5Fl:KbAZZNJmGfJLCkN9f2nPJkXrl
Score8/10-
Drops file in Drivers directory
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-