Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

CDMX Línea 1.zip

windows10-2004-x64

1

railway/Ob...to.bmp

windows10-2004-x64

7

railway/Ob...up.csv

windows10-2004-x64

1

railway/Ob...lo.b3d

windows10-2004-x64

3

railway/Ob...o2.b3d

windows10-2004-x64

3

railway/Ob...UP.csv

windows10-2004-x64

1

railway/Ob...ro.bmp

windows10-2004-x64

7

railway/Ob...id.b3d

windows10-2004-x64

3

railway/Ob...ov.b3d

windows10-2004-x64

3

railway/Ob...01.bmp

windows10-2004-x64

7

railway/Ob...04.bmp

windows10-2004-x64

7

railway/Ob...op.b3d

windows10-2004-x64

3

railway/Ob...op.bmp

windows10-2004-x64

7

railway/Ob...p2.bmp

windows10-2004-x64

7

railway/Ob...p3.bmp

windows10-2004-x64

7

railway/Ob...p4.bmp

windows10-2004-x64

7

railway/Ob...p5.bmp

windows10-2004-x64

7

railway/Ob...up.bmp

windows10-2004-x64

7

railway/Ob...ro.b3d

windows10-2004-x64

3

railway/Ob...o2.b3d

windows10-2004-x64

3

railway/Ob...to.bmp

windows10-2004-x64

7

railway/Ob...o1.bmp

windows10-2004-x64

7

railway/Ob...lL.csv

windows10-2004-x64

1

railway/Ob...lR.csv

windows10-2004-x64

1

railway/Ob...ro.bmp

windows10-2004-x64

7

railway/Ob...ed.bmp

windows10-2004-x64

7

railway/Ob...01.bmp

windows10-2004-x64

7

railway/Ob...ro.b3d

windows10-2004-x64

3

railway/Ob...o2.b3d

windows10-2004-x64

3

railway/Ob...to.bmp

windows10-2004-x64

7

railway/Ob...o1.bmp

windows10-2004-x64

7

railway/Ob...lL.csv

windows10-2004-x64

1

Resubmissions

02/05/2023, 18:43

230502-xc2tmscb37 1

02/05/2023, 18:29

230502-w5bbqadh3s 7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    CDMX Línea 1.zip

  • Size

    168.8MB

  • Sample

    230502-w5bbqadh3s

  • MD5

    db30831475267b3b1115a36fe9c9c036

  • SHA1

    74728719c6cf0ce56f675492e2d273419978cad3

  • SHA256

    165ff0b7591afc3735ba3a16b21d12a61cda20aec7dc6fb6c346a65856d54394

  • SHA512

    794632a6bd0a6a0800cd30845e64b86acb7eda4fd706aa7e02a946255bb5730db46f8332effbfdd223217b2dede07dad477af641b8a0ce52d7dd4b9a391de575

  • SSDEEP

    3145728:SMAh+PBMmfUxtKBS6X1Ewf2LNDd+TpKRkb8kwNlR34HMnWxmdZ9Bcd3Iyyzb/tMV:SytW/6X1ERLZOpAlwJx+Z9EyzK6K

Score
7/10

Malware Config

Targets

    • Target

      CDMX Línea 1.zip

    • Size

      168.8MB

    • MD5

      db30831475267b3b1115a36fe9c9c036

    • SHA1

      74728719c6cf0ce56f675492e2d273419978cad3

    • SHA256

      165ff0b7591afc3735ba3a16b21d12a61cda20aec7dc6fb6c346a65856d54394

    • SHA512

      794632a6bd0a6a0800cd30845e64b86acb7eda4fd706aa7e02a946255bb5730db46f8332effbfdd223217b2dede07dad477af641b8a0ce52d7dd4b9a391de575

    • SSDEEP

      3145728:SMAh+PBMmfUxtKBS6X1Ewf2LNDd+TpKRkb8kwNlR34HMnWxmdZ9Bcd3Iyyzb/tMV:SytW/6X1ERLZOpAlwJx+Z9EyzK6K

    Score
    1/10
    behavioral1

    • Target

      railway/Object/1/Estaciones/1 Pantitlan/Concreto.bmp

    • Size

      1.0MB

    • MD5

      a47b45603ebcdec3bdda81bce23f992c

    • SHA1

      ab0ebfac5678ead0ff175c69ca949de9a0d4fd38

    • SHA256

      94d0345c9cc6b29c964bd11e281d689b54c5f2e0f4bd3a215ee283db83107836

    • SHA512

      46ba0874e9d238f0e28ba9e1102d3d97e57eef3c402bd0f3a9478ebf234d84942551c41ec4bd3dd8a57bcafe5669e17654be7526352c01c5792ae3c25842d8e1

    • SSDEEP

      24576:VMjah7dYrGryzwz8LBxHYM7L7E7L0HkHWvemrYraKG5GdztH6K2Kd453y45jRRv5:navemrYraKG5GdztH592

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral2

    • Target

      railway/Object/1/Estaciones/1 Pantitlan/ESCsup.csv

    • Size

      9KB

    • MD5

      bdd1a1761c64f80541486edffaeb7736

    • SHA1

      da15e7a03933e097b4ca1b79f89e5f110348f420

    • SHA256

      73b6d14d065d6bc030214df407f7af069b069f00b064e6e1b4c25c376f475c5b

    • SHA512

      688b90569758274e228e43548201985ba010fea9f900c339cc35d41a2152ac69b05a03a8f5d5cfce5e6d47282750314ba0954a9f04f6ed60fca6a14172123475

    • SSDEEP

      192:uLHGeS++hvY+akAmDUghGNs+iU3pYHYxwT8Qo/x1mt/oVtg9EloAR:CH2++hw+VAmUghisXU3pYHYxP

    Score
    1/10
    behavioral3

    • Target

      railway/Object/1/Estaciones/1 Pantitlan/Suelo.b3d

    • Size

      672B

    • MD5

      a3743057ca830f7b931780a3e0a77783

    • SHA1

      9d3f655763e600a5691996ec14707292ae8d31bf

    • SHA256

      c5ae76340a39de7162090e9c6b7f031a1510bb4b351b56640db64c3024f4d74a

    • SHA512

      85e25af5019bcfae6f34601afbbb5a82f8c6528281f1a3f19dee55f52a869b44166b994af97f4183986af7924a707f63255c832c576e7d42de3a664243334ecd

    Score
    3/10
    behavioral4

    • Target

      railway/Object/1/Estaciones/1 Pantitlan/Techo2.b3d

    • Size

      9KB

    • MD5

      d8a1f6f033fe64f7be1f4607523e40b5

    • SHA1

      ad00adf55505ce021c29a7d672503968cb3bd592

    • SHA256

      3498edeea1bf0ae8c29089a830cece657ffb7a5900488b2c59c840e729abede5

    • SHA512

      81ef93f510c8165c85e1bc4a842fa06c7f7a074f46d1d556e2ed677ac152a5355dff42c3bc8d0088ac45a783d3c06eaf79a08f1129473c6791c04da4224375b5

    • SSDEEP

      192:6coCdBPRGm/zT1VBFV+GcQZnVRH6XKhgkHIwDU4jm/zTAOVBFVDCGcQgcnVRHIDl:71rdt6azcAAD4OIDao7yg

    Score
    3/10
    behavioral5

    • Target

      railway/Object/1/Estaciones/1 Pantitlan/WALLSUP.csv

    • Size

      664B

    • MD5

      ca074ddd9af8c15ff28db4f0f54beada

    • SHA1

      8695adb0b088f19c98dc3e98f064c747b354cae7

    • SHA256

      31ea835d2e4fb80d43147264699bff6e1c16cac38d93f505539118fa16923513

    • SHA512

      b050c59b1a14674166d10b9361ba801f78f299190ea075b9619dd1b83b72ae9b98ca44f079efa4c385658cb31e5a2cb9e382a0c7a648ccbed57479ff70fa2db7

    Score
    1/10
    behavioral6

    • Target

      railway/Object/1/Estaciones/1 Pantitlan/letrero.bmp

    • Size

      256KB

    • MD5

      36326d66a9ef95e17cce3361b386f7b8

    • SHA1

      6e169df091fd812cf888e4a668521bda9ebf763b

    • SHA256

      38998cadb0de60461b26bdce5a9e4a0481de750996be514ae81ea2a8ac8e2935

    • SHA512

      79b890bebf22c2412cd64fd52d8f2ab45f341cbbb8dcd2a3f36528ff6ff13085af11a56e2d7888f694566fe94f8361d29e7d0ff0e4ae311d2072fb746fb7f70c

    • SSDEEP

      768:kiHvir/SrCdCnSrCHy4rdMHRVLXuWzN5+nqmt7ZTZbt7ZCu:kiHvir/SrCdCnSrCHFWRVLXuMNAqk

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral7

    • Target

      railway/Object/1/Estaciones/1 Pantitlan/mid.b3d

    • Size

      1KB

    • MD5

      19a2928d39bb82f0b2057e5945cb121c

    • SHA1

      b087cb008305665271035387d81cf03323bf5725

    • SHA256

      7a9d11cd8b11c7080fcda8a185f6ab2ecca975ba9bc915d3109b84fabc2ca5f0

    • SHA512

      414f13703b506013865081b57853743dd00d2de19ab5d0ae422608783ebee0bb4884a0c647e10fe8e559be5fb9dd3db38a443824488964b0dd1f36bbb44b6c9f

    Score
    3/10
    behavioral8

    • Target

      railway/Object/1/Estaciones/1 Pantitlan/techoprov.b3d

    • Size

      114B

    • MD5

      c870edfafb526d9ae22e25ab79df1e35

    • SHA1

      7cd70beacfb2410fb4e6873fdd7303ed37286e33

    • SHA256

      902b2a68248d2ffd31b92fc690ec724ce9a7c76d720ee3fdc0ab2ac0a11297e8

    • SHA512

      f9e0c9299d8d9c84a552f4d6dbdb2b7ba9fc8c8651ab5b3833d95b8d5b96a76e981675ac82d41386f3eda8adb7d1bccae3bcb82cc33b203a7d8fbfc3aa804db1

    Score
    3/10
    behavioral9

    • Target

      railway/Object/1/Estaciones/1 Pantitlan/texture01.bmp

    • Size

      256KB

    • MD5

      52cf1004901ad2addd13194326c5e2f6

    • SHA1

      ca143b70e3c43442a896dceb384230630ba322ff

    • SHA256

      4590ffefd37a3ffcd792d7408b77059eac05c3b5605afcccae2fc286030959d4

    • SHA512

      676cff46a071cb53045f183727d4a528b7b2272025d20263d9e3a584eadd0e75f8557c28dcf371fc9b90b8bd27ccf35e246df2cf4482f326df6180a829948021

    • SSDEEP

      384:ZkWxkC6ykiBX6r84yL84y5qqeWfEwODXjErT/ZItctwWfuDoh3st4slcC1J12VJj:PORXIWv6jbyhGtF7OGZB0XF

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral10

    • Target

      railway/Object/1/Estaciones/1 Pantitlan/texture04.bmp

    • Size

      1.0MB

    • MD5

      e6d1ecb3ff2c78de27e22c3af9d570ef

    • SHA1

      8ffba6f226324029d684ceeceb79f3bbfd590bdf

    • SHA256

      615adfd54e755136c733e5269135a13aa683d6a0835cdea372a8d402d97fda65

    • SHA512

      99f357e19d14ae541c94353cb25a18615dd562548da915321ce400c51f1c21a1589a2a9a7d26b06d150aff6fb33eb4aabf32df48747fc705053af4a2095181f7

    • SSDEEP

      12288:nW52jnsL0e6yEXlbGYZTf9weVMQvsC7rjrt6faYg2A0LqK/VN:nW8jsL0PRVbjMQvDsfa70jVN

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral11

    • Target

      railway/Object/1/Estaciones/1 Pantitlan/top.b3d

    • Size

      3KB

    • MD5

      8300a085f911e15ba6dedf1d7c02aa49

    • SHA1

      351bd82418ddd669b8935d824cbf1365655e2d00

    • SHA256

      c00ef89a9fde6a38df10174b48cd3d886aaca2da72d7d816337663cb5f9cf911

    • SHA512

      cd82d1cc58c6babfd768c200f1b5f7ef5fc2e3dbbe67542ae4eb1ed228f48d143c683de8c9f4f5b885767bfb5ee7065e01de3110c3c1bc2955a5f24934df6358

    Score
    3/10
    behavioral12

    • Target

      railway/Object/1/Estaciones/1 Pantitlan/top.bmp

    • Size

      256KB

    • MD5

      086687d201eb04823dba777e089cd211

    • SHA1

      39493319ca2ddde0f861cc820e7f19d6924d0215

    • SHA256

      3c02dc607944534ba7e55550ddcef85fe68dc3f639dd5db02c6cc1144117994d

    • SHA512

      44045c001657d8d75b84412b4bbec58bffe7a976705c8e28efa7cfd1529516ed23291276b8380772fefda007588a0f66bcf4f5ac810edaef8fbcf9b9e4806e03

    • SSDEEP

      6:KKlsESYPvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvn:K+/J

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral13

    • Target

      railway/Object/1/Estaciones/1 Pantitlan/top2.bmp

    • Size

      256KB

    • MD5

      00caf9c23a58f63c533dd578469483e4

    • SHA1

      691aebf372a947bf272ef7e907029946c9bcf148

    • SHA256

      ea03b634f8adc97c7218332a9e1662a4c32c6233c0cec8371e2f515811cf7745

    • SHA512

      0d02be7f300633e658042c32dcf09efc64637551af50dce3b016c02369d4aa93062137b192afbede0f300133534a1576db4ca02e34e3387d81de1e9fa4cbba1a

    • SSDEEP

      3:KtTvklslaxllTo4:KKlsEi4

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral14

    • Target

      railway/Object/1/Estaciones/1 Pantitlan/top3.bmp

    • Size

      256KB

    • MD5

      803d73ecc8d08a6f5ec497bc94bcc475

    • SHA1

      da6aaac6eae913b41e1502d89b99d2bf05525f3f

    • SHA256

      94c4f2fc6f81e5b174b29fe136d706eaa1a1d4cda288fb0a7eee5316b061bca1

    • SHA512

      badc3c186147eafe391fde6f01fd7d0a8ffd14c73a93e0734977202d3f9464e8ba26bec80104907cd4d844ccce117b6525e0968e2c541415f97492e46a005067

    • SSDEEP

      6:KKlsECfffffffffffffffffffffffffffffffffffffffffffffffffffffffff3:K+/

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral15

    • Target

      railway/Object/1/Estaciones/1 Pantitlan/top4.bmp

    • Size

      4.0MB

    • MD5

      041ddd1a0d2b9980f5e2eb9356756fd4

    • SHA1

      50d4caf219475a3e5281e2c265e57910ad61f11c

    • SHA256

      8617c356498fd2c0613f8c25d9f7d882b15805c9e0b0eb4a542d311d81d3a1e1

    • SHA512

      d858cb4a602a29ac0ed681481728f128eaf8cbf74710b8c244fd03c5b255430b4848e185f790ea34bccebbd472e15f9c267990904b54ead45cdd7317c940a49f

    • SSDEEP

      98304:rDVLmaXPYXPOYrxg6+IcscUWZYa4H1/eJpzxZxi+ek0d+V1+Vl:c+V1+Vl

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral16

    • Target

      railway/Object/1/Estaciones/1 Pantitlan/top5.bmp

    • Size

      256KB

    • MD5

      7f43c5b8eccea3a432ebb72b8c20455a

    • SHA1

      55a3e5cf85f51efc62db89b77ee037de9489faa3

    • SHA256

      c487a3d45f580c054a0b8fc80aa81b023273a12b553eb6c59756b1ba471be1ad

    • SHA512

      c0f55a32b39d781cfe56f80b7878c1488ab9b43baf7dc8f4ecc3c63bf7481b90f969a6449b9675dddf1e145042a2982360468863f16ba9911afdf7f9b5167b9e

    • SSDEEP

      48:GSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS8:FXXaH3H3HpYqYqzwKwKwnPPv

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral17

    • Target

      railway/Object/1/Estaciones/1 Pantitlan/wallsup.bmp

    • Size

      1.3MB

    • MD5

      6dcb1db39ed4a32f5dc028f6189ebcc6

    • SHA1

      98e190930d7f70edb2fabebd59c6778bfa57d9b0

    • SHA256

      3da16e378003af8fd3654e0d67ad739ea0502e9ccab4b3f25e6a8cbb06453118

    • SHA512

      1d3eecb8c3cc9bafeee55c8e7647b10b9296f24eeec4f0a27b1f7abc40f2e165d4f10918ae95bb4fdf58244dc2f53c45e051b0e6f4a794709acb80bc7a56d979

    • SSDEEP

      192:F1m+gERBQMOEyJmxMdJaNYj62mE1YNgEQsDD6h5YsbBMU:PmVERbywCi6j62mE1YNgi6Asbr

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral18

    • Target

      railway/Object/1/Estaciones/10 Pino/Centro.b3d

    • Size

      7KB

    • MD5

      f9584a3710ed6686c8fa249297b45a1a

    • SHA1

      c31dac7b85e72ef8083080d1d46a7d5401f6a4ef

    • SHA256

      1530c4d42790f433d29b335f9e3700594bbcc9548f4cf236c3acf68fca1cd92d

    • SHA512

      8831cec70b1f2370c4e88cc58f6ee0ebbd1fe221985656e56f563725c618d9b6f57edf198f99df050de68eb0c2d9334984a32821e772a90af8de7150b0e74a7e

    • SSDEEP

      96:Hi3RCLl8rRIhtQ/81LTZoWqidEOSEOvEOkEOcEOAEOOEO0EOeEOMEOEikWckJOUE:HEBfulUStCtj/

    Score
    3/10
    behavioral19

    • Target

      railway/Object/1/Estaciones/10 Pino/Centro2.b3d

    • Size

      8KB

    • MD5

      f7da9bef631fa33702fc948117ccf3f8

    • SHA1

      06d1351c150829c20c9f862e9ffd110ae0dd0543

    • SHA256

      336a923c75be0cfdccc6eb5186d10149dc06500edec66c21f23704a8200ee392

    • SHA512

      f7215b45c72ad38c579d4f2aee253152c0029da2d649349f1f37a6691b4f1889b4b7f69f974af867d6cca6d95a37ce1127cd8538d5d004896c0c150c5fe73796

    • SSDEEP

      96:Hiayl0LUyt4b0bMyBe7lCFZGSRkCWSkEO3EOWEOHEOvEODEOzEOXEO1EOBEOIi0f:HfxPBTzz/6osldjuatjn

    Score
    3/10
    behavioral20

    • Target

      railway/Object/1/Estaciones/10 Pino/Concreto.bmp

    • Size

      1.0MB

    • MD5

      b4672c6bb08448c831e9533a31356fa0

    • SHA1

      09c68058abed14f16dbf6b9b626f0fef75ca723b

    • SHA256

      bea7e1ebec123a34dc1e5213d6d2fa7ffd179335e0b88a9b6615d5f2f4eac0e8

    • SHA512

      1434ea2ceebfbe8a63b38b7321e06e16d52a6040cdc1185a36ce9d4fbb8934d80130b63bf8055a6d9ee84be6f6fe9aad2366d3a3da60aa908c62b27cf5019535

    • SSDEEP

      12288:CYsXxXYsXxXYsXxXYsXxXYsXxXYsXxXYsXxXYsXxg:j

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral21

    • Target

      railway/Object/1/Estaciones/10 Pino/Concreto1.bmp

    • Size

      1.0MB

    • MD5

      d64632182db238490a6221805e8bbd90

    • SHA1

      e3e3a1be1e730d8941f3d470807e02e10dcdf096

    • SHA256

      965320632388ae653bd78b5c3a230aee5c61b8ebb604bb09efe8c92678897a63

    • SHA512

      b39996ed4f62bef313a89251c2a38d72c20f1d0914f6dc29fa40f4271fe2cec755abbb905a08077a7c02419ad2d42bfa4020f8709590107e0db00468e29f7849

    • SSDEEP

      6144:wns8Kt303TrlzgATAwnPMP1PkPhZgCNCReH38At+JO7SBsi5voOfyKv2tA/w/16p:NurNfPwNC3+J5kKv2oXQmP7a6CU

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral22

    • Target

      railway/Object/1/Estaciones/10 Pino/WallL.csv

    • Size

      1KB

    • MD5

      cf6499254d9978af7f8b1d940639559c

    • SHA1

      01d326e6050230e9af998ac36efd850de78be48a

    • SHA256

      55d3fd6aad09d97a143fdf5369357cad9b993fe6433488c7c31348364b979f39

    • SHA512

      754345c467532a49f3a0d7d62b301ec6c16093a4153e9ef48c48a43aa774b4790271ff850a7e4ee2b5d266b4e80b609c1de492af37355be517b42cf45ff2f28f

    Score
    1/10
    behavioral23

    • Target

      railway/Object/1/Estaciones/10 Pino/WallR.csv

    • Size

      1KB

    • MD5

      da1dcbe1b1388879206172b6bc7107f9

    • SHA1

      65d031d31bcceb3c231866c827bd9fe0ff900751

    • SHA256

      2f0ed8d2c4ad2fc039ebbfad13dc263b20d11f47a4be39faf8757ee33e6cd34f

    • SHA512

      7ed293985f0e65f54bd4f8e5dc69c027ef702f2bda7d8c3b69091fe47d7c58a9dfd0008aa3f9d7992cab2de6de56d90e7b52d40aef8654ea39b04daa60447823

    Score
    1/10
    behavioral24

    • Target

      railway/Object/1/Estaciones/10 Pino/letrero.bmp

    • Size

      256KB

    • MD5

      f22c659dfd6feeae4016b26021700c41

    • SHA1

      4105915398a5f5728ae644cfd8795c59977a72ef

    • SHA256

      59199d278693f3c9de89ec70fb16cd48c34c8ef2e3c6ec68d8aeff2f799aa754

    • SHA512

      0efbc86477a660a87ae3ea2f339c6f847b6e17c8e25ee392b942c801ac6b46a658413462696497393f14ad299a33162c7b29fae8bd17355f796a437f3eb8f706

    • SSDEEP

      6144:+Bl/WhjCg2yrtgkAkYg988/IIOf/+73YojP4p4KnZbJssyXWfaEwWuWULX1:bjHV4g98SII0/WjP4pvnZbFoX1

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral25

    • Target

      railway/Object/1/Estaciones/10 Pino/pared.bmp

    • Size

      1.0MB

    • MD5

      6a6ad130ba33611a413a504933f15729

    • SHA1

      e2ba19d74ccabe1be1db285c1f8c55bb18d391b3

    • SHA256

      6912abc7ed2b4eaee373967728fb584065df9bca04da700d9aeb522890009bef

    • SHA512

      0d195100249a5711afaab0635fb0ad9e0da64f5ac6beb8e5af1465ca8ed874b58c22ce0696c2b5f7492b571cbce1e89797d85f7c0c00ae169c418d561cd3cd78

    • SSDEEP

      6144:XlCvjmutml54CSmLyk+gWxmEMemYgO9kFkuw1YlpBrVrVMpYzpUj2rZm97pArqj8:XlSfrk+gWxmDemYTA9VRMqmE2jeBFf

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral26

    • Target

      railway/Object/1/Estaciones/10 Pino/texture01.bmp

    • Size

      1.0MB

    • MD5

      9cc9c7109bd682c26ab063d696635bdd

    • SHA1

      77967c3987703664b93f56edf6acfb964e1f2084

    • SHA256

      7bd8235196f541207f9926f9f37ada6170576c8df82b298432a13268305dbd01

    • SHA512

      032fae5b0b21b9199304dfcaf8b79522319c35aab9e0e04e33e7875ca45be0ac85a1db04d87b28b9d09c11db5a23615ead9678816e0b667a314f708a2f2c98d1

    • SSDEEP

      24576:xpYDYYYYYYYYYYYPtaaamIooooovvvvg6L4N/C3qQUUNNTfBAXXX69DV7mtstVtb:xpYDYYYYYYYYYYYPtaaamIooooovvvvL

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral27

    • Target

      railway/Object/1/Estaciones/11 Isabel/Centro.b3d

    • Size

      8KB

    • MD5

      85f0bee9d8e75227088b7e9b74194494

    • SHA1

      115189a84f8bba758e704f627ade022cd85d56b6

    • SHA256

      af00ed2e2ce8bcd46608fe20705bda55175c3fa616d6ce448d7119797e414de6

    • SHA512

      b3b75a09d2e9876bc87ce192f8c888f2ca3458d78097ef57d9e820a9a9701bdb590d567fa99241ca6632e23c21769763a77e601968f4f1b513feba42fc28edc8

    • SSDEEP

      96:HigWKg/7n2WKk/HniWp/jniWF/7nbEOUEOvEOkEOcEOAEOOEO0EOeEOSEOEiwWjG:HqKq7PKmHj1zjZ7uCTB8a/dagtjq

    Score
    3/10
    behavioral28

    • Target

      railway/Object/1/Estaciones/11 Isabel/Centro2.b3d

    • Size

      8KB

    • MD5

      bb12f966b65fc9603a02b176d2a0671d

    • SHA1

      977fb0f6c0f85d3088edd3b5b17b5904f29ae2e2

    • SHA256

      2c7095663729845fb509385cc19973b30b3a4d3f95036e8de7c338d8e72d7be5

    • SHA512

      2e51886633de06b9126245609f3f8f5cdc53ec8171cad36b8034f39141ca80c0dc616a35482622e1cac9d1ae0cc5364d0dbe47836c2b5f3d545dc89780a45c33

    • SSDEEP

      96:HigC0cyn+0IyDcCSSPwCaSkEO3EOWEOHEOvEODEOzEOXEO1EOBEOIiwWj/18KWdV:HR9hppbJT6CTKbh/v6Mtjn

    Score
    3/10
    behavioral29

    • Target

      railway/Object/1/Estaciones/11 Isabel/Concreto.bmp

    • Size

      1.0MB

    • MD5

      45c3845261ef105da96d397281934d62

    • SHA1

      c6bdcfce1415323835c2ac40b9f3523c63207364

    • SHA256

      e8c9a8ca3166d7808d1477b33c2b36ead2c2f90a6bff4786478ba6c7a52c2b98

    • SHA512

      47297b6d3a1bce1affeff9e751502a9f12fa26ec0bd354adb69e313cf901fb7a2a9820341488633fb4a36bf6a3c13e3aaa9cb8752bea188caaf88b9d4f37d741

    • SSDEEP

      12288:Ks2BM/07PixTfFMdp3SdV/VAd96xDPGSaA4KrLg02VlYhzbBslL/4B7Q:Ks2BM/0T+fmdp65YASlYhJslL/46

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral30

    • Target

      railway/Object/1/Estaciones/11 Isabel/Concreto1.bmp

    • Size

      1.0MB

    • MD5

      a84e8abe5319baf9970b8a7bd3d79fa3

    • SHA1

      47ce5662ff61a0f702c55ddfa9a51c9d1ec85b9c

    • SHA256

      ec8636dc47bb9e3b347e22f58008f094723b240d172facf73cd994772374f35c

    • SHA512

      906c09dd11b942e4ce1cb4da85c6fb1817caaa64837a23641657baca84eddd9600e2e4fa1ece81fabfe7e14c863baa45212a73213bc9a55af8b6a403df4a96e0

    • SSDEEP

      3072:/4zA24zAp4zAR4zAy4zA24zAE4zAR4zA8:A

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral31

    • Target

      railway/Object/1/Estaciones/11 Isabel/WallL.csv

    • Size

      1KB

    • MD5

      194bc9560d9054511319e9f30175b8a1

    • SHA1

      1142246bc060f6a148579e2adbfb7b7783bf437c

    • SHA256

      ceb8a0080242e01a533daebddb3f6d62249823d342d03161efc177134d0efa6d

    • SHA512

      c85b0a6694eba71e82518a496d7cac1ff9a8c32dee8a35fa82f40defd9d77d2dca351898aaea25986d433aa5335fbadc8c47335d9f1e0cd5e9c5dcf14a651935

    Score
    1/10
    behavioral32

MITRE ATT&CK Enterprise v6

Tasks