General
-
Target
46edb4a01db1f85a560fd31f0bb927fb.exe
-
Size
827KB
-
Sample
230419-jzeezaba71
-
MD5
46edb4a01db1f85a560fd31f0bb927fb
-
SHA1
8fcea243abf6aa39aeabb695cd73a5dbe1e1ccb1
-
SHA256
a49d4005d71990391e2c4c74797bff12132e10bb81f481221ea289d8637d2314
-
SHA512
4550d7df9e7686f434d01202cb80a94f894db9a3e91cfdca83046e3b23d0a043c91158fb5ef4c4a2a4d63d3e3bc7fb962e21d02390d70d8930a371500972fc13
-
SSDEEP
24576:pyEnNzfXZWZX/ACwznlUffChic48oaZQX0:cEnNzfQZX/fwrlUffoic/8
Static task
static1
Behavioral task
behavioral1
Sample
46edb4a01db1f85a560fd31f0bb927fb.exe
Resource
win7-20230220-en
Malware Config
Targets
Target
46edb4a01db1f85a560fd31f0bb927fb.exe
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-