General
Target: e6ce1897ece2f6cdd6c60aa4fa268d9cf6e887b2776130ec7c302d75edbb022b
Size: 45KB
Sample: 230327-h3yscacc37
MD5: 0b08569ed102d22ba7c1c8f169f65009
SHA1: 47ee1fa9d9d8cbe9b46bd1c235e1588b7ea53dc2
SHA256: e6ce1897ece2f6cdd6c60aa4fa268d9cf6e887b2776130ec7c302d75edbb022b
SHA512: c5ab603dada3cb129da4f93483a8119e8bf50494c656669bed9ebf3a158f3132f9948cede40cbcb8cae000d32528ef3434680db92976eaf978e273dfce168dc1
SSDEEP: 768:H9tDb7iaMIn7zAEleijtWpIS6ATY+W+ZEn3lFEhuc2cIMKKmxcBAsYcRA:H9tTX

Static task: static1

Behavioral task: behavioral1
Sample: e6ce1897ece2f6cdd6c60aa4fa268d9cf6e887b2776130ec7c302d75edbb022b.exe
Resource: win7-20230220-en

Behavioral task: behavioral2
Sample: e6ce1897ece2f6cdd6c60aa4fa268d9cf6e887b2776130ec7c302d75edbb022b.exe
Resource: win10v2004-20230220-en

Malware Config
Targets
Target: e6ce1897ece2f6cdd6c60aa4fa268d9cf6e887b2776130ec7c302d75edbb022b
Score: 10/10

Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.

Blocklisted process makes network request

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Adds Run key to start application

Drops file in System32 directory

Sets desktop wallpaper using registry