General
Target: 708e57865390f24449be8d2c202ffdf9517984bf96a82de7aacf6d5ec6f7adbc.zip
Size: 976KB
Sample: 230321-qq3vjacf6s
MD5: 8be29c96aadf8874054024107c561aca
SHA1: 1000cf1ba8745130621d7117c6866a52a6652bf9
SHA256: d3c7bffdf5e8ec66712569899f39526bfa53b85e434c64fb27c4092ca1b072e5
SHA512: f73f4213d24ca0e3ed8d61a85ba84882273846ad31f34edd8777c793b0b336f8d6aca07e88c031b0037e0bb9bf37be7ec13afb4d60ae2fa2dd3747ed6f4db0be
SSDEEP: 12288:npgzB3dzDwuMxtvIuU5TbStT5Ij/VwctMUieP2bIrzUdnt5WE0NdTxeuVOIuwBFg:C1dzDwJtUpSl6DVM0GcdTxLOqjkWr0
Static task: static1
Behavioral task: behavioral1
Sample: 708e57865390f24449be8d2c202ffdf9517984bf96a82de7aacf6d5ec6f7adbc.xls
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: 708e57865390f24449be8d2c202ffdf9517984bf96a82de7aacf6d5ec6f7adbc.xls
Resource: win10v2004-20230220-en
Malware Config
Targets
Target: 708e57865390f24449be8d2c202ffdf9517984bf96a82de7aacf6d5ec6f7adbc.xls
Size: 1.1MB
MD5: 0b09e53e2fc33342c42fbc66473df157
SHA1: 214ed38e49a874f7b4ac5b5e245ce165eb767f0c
SHA256: 708e57865390f24449be8d2c202ffdf9517984bf96a82de7aacf6d5ec6f7adbc
SHA512: ecd2f83aafe9ffc384e1813509a218459f6c5656238f731d5721c9e45758f134b0f6d4ee3053519b54bdc85e486a937aae92fce01ceb7e1774759cfb064828a4
SSDEEP: 24576:dLKjWQmmav30xY+MXUu9/41+MXUu9L3bV7+MXUu9s3bVn3+RoyPZNQ:dLKCQmmQ30K+MXV9i+MXV9L3bV7+MXVB
Score: 8/10
Blocklisted process makes network request
Downloads MZ/PE file
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Uses the VBS compiler for execution
Suspicious use of SetThreadContext