Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
29b8362241e3914bf9b9923f12a07f7a024bc6d9d390c8262197984f796f8e02
-
Size
839KB
-
Sample
221204-qw8b7sdd23
-
MD5
3736c418a5a3c2d9deba7766881c17f9
-
SHA1
5c5ecf31c34d36b819fc1083d2070cd09d1970ae
-
SHA256
29b8362241e3914bf9b9923f12a07f7a024bc6d9d390c8262197984f796f8e02
-
SHA512
3279e4a01e08ddfefbade6e2920a48af3b2e146c824ce8142c1ae2a32b629a47d66695dcf89d324b13e2d71ab400f72a425f8d6ed587417a4164983d4852eb15
-
SSDEEP
12288:whkDgouVA2nxKkorvdRgQriDwOIxmxiZnYQE7PJcE4a28x7A6:4RmJkcoQricOIQxiZY1ia28x7L
Malware Config
Targets
-
-
Target
29b8362241e3914bf9b9923f12a07f7a024bc6d9d390c8262197984f796f8e02
-
Size
839KB
-
MD5
3736c418a5a3c2d9deba7766881c17f9
-
SHA1
5c5ecf31c34d36b819fc1083d2070cd09d1970ae
-
SHA256
29b8362241e3914bf9b9923f12a07f7a024bc6d9d390c8262197984f796f8e02
-
SHA512
3279e4a01e08ddfefbade6e2920a48af3b2e146c824ce8142c1ae2a32b629a47d66695dcf89d324b13e2d71ab400f72a425f8d6ed587417a4164983d4852eb15
-
SSDEEP
12288:whkDgouVA2nxKkorvdRgQriDwOIxmxiZnYQE7PJcE4a28x7A6:4RmJkcoQricOIQxiZY1ia28x7L
Score8/10-
Adds policy Run key to start application
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Adds Run key to start application
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Suspicious use of SetThreadContext
-