General
-
Target
HEUR-Trojan.Win32.Generic-fc950f34ce2005659e7b76fed9a740511688e83f84d9d7d225c0e632750518eb.bin
-
Size
64KB
-
Sample
230501-yda8raga65
-
MD5
366aad320bb8a36a88491ad1d164cf09
-
SHA1
32e3c8c00cb87db06f8e65b2fbc7f04e08a14105
-
SHA256
fc950f34ce2005659e7b76fed9a740511688e83f84d9d7d225c0e632750518eb
-
SHA512
921b4d02d2944ea159d2d4623c5b3233bbbf574278e6f8f8f4b023c9b853c6d002f642beb78e316d643df3ab9043b0973cacb5a18a1776ba52d18fabaeff16d7
-
SSDEEP
768:jykKUSkyDjBSNBvSMIhK7VHQLvGdwFtg2dY6edSYQrq3RWD3Ghc5tTZ92th5Tk9x:SJEN8I5zGXgF6eIdq3Yym5l+tnP
Static task
static1
Behavioral task
behavioral1
Sample
HEUR-Trojan.Win32.Generic-fc950f34ce2005659e7b76fed9a740511688e83f84d9d7d225c0e632750518eb.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
HEUR-Trojan.Win32.Generic-fc950f34ce2005659e7b76fed9a740511688e83f84d9d7d225c0e632750518eb.exe
Resource
win10v2004-20230221-en
Malware Config
Targets
-
Target
HEUR-Trojan.Win32.Generic-fc950f34ce2005659e7b76fed9a740511688e83f84d9d7d225c0e632750518eb.bin
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-