General
-
Target
Noil.exe
-
Size
75KB
-
Sample
230414-k4w19aag2y
-
MD5
270aca061222d321f75a55f6101effdf
-
SHA1
59a05a423b281731925d48eed64bd085e5160415
-
SHA256
5f316cf619f266cad568cef01b6db246556cc6df5d1f70764480e5afb0cfb6cb
-
SHA512
2de8330e978d32a0280018cba390d5b48893bca99cbfbf37ee3a57ddd43fd6b391edeb7cadc7019ae302b3c029c071edd336eb06177af160eb9fb3d823d3f759
-
SSDEEP
1536:zFVe2NtQEYi5qLAgNUnXTIE5YoKbkB9ozdm6c0DnOO+WAqMk:zFUwcmqLNyTYTbkbSZnOO+Bk
Static task
static1
Behavioral task
behavioral1
Sample
Noil.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
Noil.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
Target
Noil.exe
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-