General
Target: DRDO-K4-Missile-Clean-room.zip
Size: 69KB
Sample: 230310-n7f1zsfc4v
MD5: 0725318b4f5c312eeaf5ec9795a7e919
SHA1: 9902348fc5dffe10a94a3f4be219dc42330ed480
SHA256: 9aed0c5a047959ef38ec0555ccb647688c67557a6f8f60f691ab0ec096833cce
SHA512: f6fcdc223f464a6c1ba752a1fa03e1e9f283def2f7538aec3407685952989146fbd553fdf910eaaa209056e57211bff605bdd8aa032e05f1f40bfda5d1fadc46
SSDEEP: 768:fVMoLgrq4x0g0Fls5a2zEVS5KhP0MZiTdAE+F7UtlQy0jqX4zUx7FvG8HQF4Uoi6:tvLgrq4xqq8NS5KXA+pH0OUtF7Qyi0au
Static task: static1
Behavioral task: behavioral1
  Sample: DRDO-K4-Missile-Clean-room/DRDO - K4 Missile Clean room.pptx.lnk
  Resource: win7-20230220-en
Behavioral task: behavioral2
  Sample: DRDO-K4-Missile-Clean-room/DRDO - K4 Missile Clean room.pptx.lnk
  Resource: win10v2004-20230220-en
Malware Config
Extracted
https://cornerstonebeverly.org/js/files/docufentososo/doecumentosoneso
Targets
Target: DRDO-K4-Missile-Clean-room/DRDO - K4 Missile Clean room.pptx.lnk
Size: 70KB
MD5: ab11b91f97d7672da1c5b42c9ecc6d2e
SHA1: feeadc91373732d65883c8351a6454a77a063ff5
SHA256: a2e55cbd385971904abf619404be7ee8078ce9e3e46226d4d86d96ff31f6bb9a
SHA512: d788a83a323d04b9c43328d36adcc2ffc3b7fd52e1bdec3f7bbd7c9c14bb66d75003ea8df5a9ba60b798f5aacbfb684a4955c0b806347b1809f7290e75b826d9
SSDEEP: 1536:ENN7MHOvYUpOQH8a8U2OPzCSyfU4YoBJrOZwHPnlThtIApDkU:hHOvY548a8Uxm5sx4JrOZIPlTHL
Score: 10/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application