Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
c77284987a90f51382df387f35b0780ff16b7e71230926a91caea9b5e955f539
-
Size
92KB
-
Sample
221203-xvcbpsgc57
-
MD5
33e3bbcf9b34c8cecb5279eec1d644e0
-
SHA1
db62be5aeaf66691da1627a419d935ab58c67940
-
SHA256
c77284987a90f51382df387f35b0780ff16b7e71230926a91caea9b5e955f539
-
SHA512
eb1faf6aca854b8747e433fe756a1d0aef1a66e2d6a1a18ab8ee5da68fc30556087a065cf732120d09a03dba2fb9bec24c95215115592cb93eee336861801b1b
-
SSDEEP
1536:3YSSR+XyVoizrqkhSJ7p7bi/KveY4x5EPQJUnRSuvy0ORU5kgB:pSVaQrqkI97biTxSPMUnRt67Ckc
Malware Config
Targets
-
-
Target
c77284987a90f51382df387f35b0780ff16b7e71230926a91caea9b5e955f539
-
Size
92KB
-
MD5
33e3bbcf9b34c8cecb5279eec1d644e0
-
SHA1
db62be5aeaf66691da1627a419d935ab58c67940
-
SHA256
c77284987a90f51382df387f35b0780ff16b7e71230926a91caea9b5e955f539
-
SHA512
eb1faf6aca854b8747e433fe756a1d0aef1a66e2d6a1a18ab8ee5da68fc30556087a065cf732120d09a03dba2fb9bec24c95215115592cb93eee336861801b1b
-
SSDEEP
1536:3YSSR+XyVoizrqkhSJ7p7bi/KveY4x5EPQJUnRSuvy0ORU5kgB:pSVaQrqkI97biTxSPMUnRt67Ckc
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Suspicious use of SetThreadContext
-