Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
6ceba8b4a61d487886028613f8722ca6aa10903883917f7192c65f2f912ccf83
-
Size
4.9MB
-
Sample
221204-qn7eyacf49
-
MD5
3da9a1d1d629da63f5da4fe31dfb7055
-
SHA1
2ae40a75d835993840c13de0e688fcbd3d960c8b
-
SHA256
6ceba8b4a61d487886028613f8722ca6aa10903883917f7192c65f2f912ccf83
-
SHA512
e16daeb9fb84f4dfcfbe18e18b860380b265933b73ef89234372e37847aa0b7f4d17c4c99597b32f97ad978feb2f60aa343b0fe0b63a2cde07e6c43ad5165525
-
SSDEEP
98304:tKwUCaCzzYeP8owzOkaG0ns252TFIYgmRN2T/4E4RR+Ua+AxKDJf7SFmxS:owUCEePaFt2gSbZrU3kKdSF1
Malware Config
Targets
-
-
Target
6ceba8b4a61d487886028613f8722ca6aa10903883917f7192c65f2f912ccf83
-
Size
4.9MB
-
MD5
3da9a1d1d629da63f5da4fe31dfb7055
-
SHA1
2ae40a75d835993840c13de0e688fcbd3d960c8b
-
SHA256
6ceba8b4a61d487886028613f8722ca6aa10903883917f7192c65f2f912ccf83
-
SHA512
e16daeb9fb84f4dfcfbe18e18b860380b265933b73ef89234372e37847aa0b7f4d17c4c99597b32f97ad978feb2f60aa343b0fe0b63a2cde07e6c43ad5165525
-
SSDEEP
98304:tKwUCaCzzYeP8owzOkaG0ns252TFIYgmRN2T/4E4RR+Ua+AxKDJf7SFmxS:owUCEePaFt2gSbZrU3kKdSF1
Score9/10-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Drops file in Drivers directory
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-