General
Target: file.exe
Size: 1.8MB
Sample: 230106-1dletsca39
MD5: d9be361b1f8bb4936005a74914fbe6f5
SHA1: f537cd6a48c521499193c8278e1f84fc3f8ac9f7
SHA256: e028ab3888d547deb1fc53fabd694a15d735f28bf68ac36b23d67ae9d2bb25d6
SHA512: 124ea8ab60b5d34de7694ff67483f78f3161fa9efd62cda6a07832c84a39498567a23884a65f4f321ac29d0f28957db55b1c50c300ee44c67de2009cede21de6
SSDEEP: 49152:Aixz0zjpivo4sD1FcflzKv1sBUpwci8Ptk4VRAlNpi:AixSiQFDbccdsBeVtao
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20221111-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
Target: file.exe
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Loads dropped DLL
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.