General
Target: 383521539e46acf813ec377c5a647406fbb7596456dd6f51ff1d61cf3f42cab9
Size: 2.0MB
Sample: 221217-zlsy7shf25
MD5: 7f6bd690058401943b45f8bc8667eec7
SHA1: f8f6f35ba3acdf7e37993b4116c6ef90ee163505
SHA256: 383521539e46acf813ec377c5a647406fbb7596456dd6f51ff1d61cf3f42cab9
SHA512: 455ac13457f9417d2f4ece72cd1ba644ff80ccdbf4454b919d9689a4ae16456637bef963df8b131690ac9e4a0e3dfa1a866bdff29f65aaeebb36a1a413f8b402
SSDEEP: 49152:2pFtPeFTefWNTt0dYMuZDGmA8M9JNYPGmT:2pWeulpZa/8+YPGU
Static task
static1
Malware Config
Targets
- XMRig Miner payload
- Executes dropped EXE
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext