General
Target: e066fc71749b0a90749d3b8af5b53aa21bab9d43c63cddcb46c9b1f9ae5beb76.zip
Size: 237KB
Sample: 230311-s5ahmsab66
MD5: f33fa34da6f75bfba62f927745c755b5
SHA1: b677890f682900a02b12f9a9c90f69ef2ab4221e
SHA256: 839ad937ac6537e0d72aee6fc8deab443bc5e2f472304058d032d7e7a3a27d35
SHA512: c84092f1bbc4c482f8d6a56f92aeb7c56bbbc1211007340f1bef83c8693f7c26f4df0a3310e6810d5b4eec6ebf96f1c8566038aa88228a66a9f570fb32481cfb
SSDEEP: 6144:eSBE5d+lZH45hUm5JtN44hXJdS58fKaLuwiW:e0EWH9mXZhm56aW
Static task: static1
Behavioral task: behavioral1
Sample: e066fc71749b0a90749d3b8af5b53aa21bab9d43c63cddcb46c9b1f9ae5beb76.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: e066fc71749b0a90749d3b8af5b53aa21bab9d43c63cddcb46c9b1f9ae5beb76.exe
Resource: win10v2004-20230221-en
Malware Config
Targets
Target: e066fc71749b0a90749d3b8af5b53aa21bab9d43c63cddcb46c9b1f9ae5beb76.exe
Size: 251KB
MD5: e25796ad27eb0153d8662e37d05ec56b
SHA1: 47e308112a5b98f8b2d286bb09c4559b6021b3bc
SHA256: e066fc71749b0a90749d3b8af5b53aa21bab9d43c63cddcb46c9b1f9ae5beb76
SHA512: a425eb1df23630def72f07d528ad157b57d0291713e8969f590f5969688e559e9c2a37b2abf78c4ec650ea8d8edaa398d60ad26323c6679b8c7d30cb44ff210c
SSDEEP: 6144:DYa6T344OhBM8I5Tq7kDaFqPocnRppmMgDN0h0wx/:DYRuhBz4anOa03/
Score: 7/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Suspicious use of SetThreadContext