General
Target: 6d1cc5a00d9c1793d0970fff57f90ac7.exe
Size: 827KB
Sample: 230419-hqcpcaaf8z
MD5: 6d1cc5a00d9c1793d0970fff57f90ac7
SHA1: 162d7c6454a1b3f2dd3993515026844ecc44ea73
SHA256: afab6d6bbc05cd7b17f7f8f8ae3f3ca5908c15f85f012c79cd9de413e92acd10
SHA512: c9240e77bfd1f0cc71d0178948350efc2a01b3c16b4ab8b930fd5fefd4daffa96cd3064ac9c46159afa57deca8e66e944b07184d22388cf42b9336aebc339368
SSDEEP: 24576:PyRF3F9+16/rzjpT5fCeoL7oSKN6k/ZDyH+49U:aHF9+16D/pT5fmnu6CZqT
Static task: static1
Behavioral task: behavioral1
Sample: 6d1cc5a00d9c1793d0970fff57f90ac7.exe
Resource: win7-20230220-en
Malware Config
Targets
Target: 6d1cc5a00d9c1793d0970fff57f90ac7.exe
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.