General
Target: cef0a97ab84a4b4239d22008c571317702775eb85799e544bc1cb13f2aa5ea73
Size: 239KB
Sample: 230101-dejajaec7v
MD5: f0d2a2754e33271df9ed6ad63ae59cd9
SHA1: ab7205ae24c163bcf533cf24ee49d3c9df2994cf
SHA256: cef0a97ab84a4b4239d22008c571317702775eb85799e544bc1cb13f2aa5ea73
SHA512: 7e2f1ca22f8ce25fe2076db33194ca65677db52c6dd6b838e02b8a9950183d437f35e392079d5f8660e25628a054f7f710e983a639ad0271b7f67886aa7bdfcd
SSDEEP: 3072:3kXSzOsCMLXmM3EKgs5LiQfD39Erus8rs773lHPAmqIaR27hZY:Q0LfEKga9fD3yus8rs33lTOsZY
Static task: static1
Behavioral task: behavioral1
Sample: cef0a97ab84a4b4239d22008c571317702775eb85799e544bc1cb13f2aa5ea73.exe
Resource: win10v2004-20221111-en
Malware Config
Targets
Detects Smokeloader packer
Downloads MZ/PE file
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Accesses Microsoft Outlook accounts
Accesses Microsoft Outlook profiles
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext