Resubmissions
16/04/2023, 17:28
230416-v1237scd9y 10General
-
Target
WeMod-Setup.exe
-
Size
141KB
-
Sample
230416-v1237scd9y
-
MD5
5ec8aeda4193ec791606a73c67edadcf
-
SHA1
2c2765a19a18d60389a3d155ce378f65658513fa
-
SHA256
e91bb25102e7e4bbdb585f4b08807d64dc37b3ff089813482013d529723853a4
-
SHA512
d3807fc2afe67ce873886ce829a85e2d2af9cc3b06e68646b58433e32814e4481d2ba0222aba7b5509822d2046cbf0c896eeca5bc42165fcaa312d7b1a7d4507
-
SSDEEP
3072:Bojm4ILlCI+4COHCyhaEtHZkOpk97oc4ILlCI+4TOHHSafx:Bd+bwaEtHLhiHt
Static task
static1
Behavioral task
behavioral1
Sample
WeMod-Setup.exe
Resource
win7-20230220-en
Malware Config
Targets
-
-
Target
WeMod-Setup.exe
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-