General
Target: ea718805d177fb6d9821a247fc59c16c.exe
Size: 1.0MB
Sample: 230425-hmgtwsha38
MD5: ea718805d177fb6d9821a247fc59c16c
SHA1: 78304b42274040f0692978b05d93dc862f8c0806
SHA256: 28b3f87f63216f32bedc5c0b4272155adfbf7a0441931d3066ecc22acec2791d
SHA512: 3d5ec1e58ff6214d795a4026c3dd2a290d17636dda083a2fa37d8309ae73a2079b8761b050c75bcbe9ef0108cf7c2c92aaf5807687c11af62d2bd259a6a04eb1
SSDEEP: 24576:Rqw0OA/oz/04YtRHw/tOWaqbkCimjVkaHtSv8I+h:L0Obw4Yt6OQlimjV3tSvc
Static task: static1
Behavioral task: behavioral1
Sample: ea718805d177fb6d9821a247fc59c16c.exe
Resource: win7-20230220-en
Malware Config
Targets
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.