General
Target: c4fc56b32007b5f825312b644829e7f9f0598ac6d3515b1699978192d3dc0e1e
Size: 691KB
Sample: 230426-w9dbwabb72
MD5: b57544bb18cce7544f83a57edcbb725c
SHA1: f0f9af56bcf1544abdff515c6616ab6e81b9d4f0
SHA256: c4fc56b32007b5f825312b644829e7f9f0598ac6d3515b1699978192d3dc0e1e
SHA512: c83211779184e7093e269f0671097080da904d452ea6376bba6c6a261261165292b09e01ebecf8fb400c20a82fef15750b2e3a5e3da6697e803e0c06ea80cf04
SSDEEP: 12288:Ly90o+rVj07zIpZSeju4jnFC+Me2e7S/CANBOL46BBlw:LykYzIpUsux+32+ANslBI
Static task
static1
Malware Config
Targets
- Executes dropped EXE
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext