General
Target: 69dc425c1ab77f130abba1ab4c4395f8d7bba2ee10e600d6d340d344851a6457
Size: 980KB
Sample: 230417-q2fjdaed72
MD5: d721eb4b3a68e93eb2ddbe1e00f41a6b
SHA1: 9329899ecb3d86a6a358daa072a9742ea6e0e8ef
SHA256: 69dc425c1ab77f130abba1ab4c4395f8d7bba2ee10e600d6d340d344851a6457
SHA512: adc210e2a1669d4cb64e5f0ab6c35a159e0f39ff8d5bc2fc7b7c1a513e6a236ce55f4b84aba020e2acb3936067e1e74b13746b9a593aa2a86e036dc5a7b7ee26
SSDEEP: 12288:fy90au6WSs/3XhVdyImvemPpOMgq/6oKZWBjYtL6r/bgr+lsxPusW54bYfC7JHxL:fycws7AI81PpPK4WtIdliPuOhNHxhh/
Static task
static1
Malware Config
Targets
Target: 69dc425c1ab77f130abba1ab4c4395f8d7bba2ee10e600d6d340d344851a6457
Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Loads dropped DLL

Accesses cryptocurrency files/wallets, possible credential harvesting

Adds Run key to start application

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

Suspicious use of SetThreadContext