General
-
Target
file.exe
-
Size
1.9MB
-
Sample
230206-qectzahc7t
-
MD5
d1949ae00330d3c0f7cc282d2f6952cc
-
SHA1
f94a50cdd1aff1fe2f7f4135647df2a680ac3e79
-
SHA256
0f1f360e32236b3af68ae241d8604a202c3de6d93603163d2af21364263fceb7
-
SHA512
0f1499ee262e56c4771490fee60c4d76ba8625b6b5004ca73be437c6f17e5a358237c03fc78da07c6a7043ef52252f73cdadd4635c5eef38dbe5cc3fd36b2730
-
SSDEEP
24576:Nx2pKMUGjuNYmUeV5CMl307hOhkMIIj0VOyp2VmmBgbc2vLmmsanDJY++JyBBT9:Nx4U2mV6MV28m9vF2/2c29YjyBBx
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20221111-en
Malware Config
Targets
-
-
Target
file.exe
-
XMRig Miner payload
-
.NET Reactor protector
Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-