Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
nonadmin_disable.exe
-
Size
119KB
-
Sample
230106-wb5y8shd59
-
MD5
dc83dd2798a8ed47fde094ec809ea42b
-
SHA1
0f40cbafb0be6e18a1e83138625a555261e34583
-
SHA256
5e7c51cdbaaea395aec1e337592e4e210a698c47fe51d4e5f7b96166cacfd9bf
-
SHA512
d96133753e4a3ca779b3910069486b24088113546901fd8178e05b3289325fd9e04665f75137bcb35a23ca85687506ad25e1f3d54a96ccbd0fe06f7340c93ed1
-
SSDEEP
3072:Jpvb7RV/8hhb3dLUK94IgqHniOSyaZoc7QNPnP9TBfWSiwp:z9VkhhrdYK94IgqHniOSyaZoc7QNPnPP
Static task
static1
Behavioral task
behavioral1
Sample
nonadmin_disable.exe
Resource
win7-20221111-en
Malware Config
Targets
-
-
Target
nonadmin_disable.exe
-
Size
119KB
-
MD5
dc83dd2798a8ed47fde094ec809ea42b
-
SHA1
0f40cbafb0be6e18a1e83138625a555261e34583
-
SHA256
5e7c51cdbaaea395aec1e337592e4e210a698c47fe51d4e5f7b96166cacfd9bf
-
SHA512
d96133753e4a3ca779b3910069486b24088113546901fd8178e05b3289325fd9e04665f75137bcb35a23ca85687506ad25e1f3d54a96ccbd0fe06f7340c93ed1
-
SSDEEP
3072:Jpvb7RV/8hhb3dLUK94IgqHniOSyaZoc7QNPnP9TBfWSiwp:z9VkhhrdYK94IgqHniOSyaZoc7QNPnPP
-
Modifies security service
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-