General
- Target: c4e4ea1533f06c4a72b89a8e0dac119979a8d19ac76ec7fb2d3b02ad7bab4fc2
- Size: 480KB
- Sample: 230504-xfqwjsee63
- MD5: f1a1a2bb6fa89262286e7872cbc41a08
- SHA1: d41e9198483e44e2fe8d0f061f2d4cdc26cec8db
- SHA256: c4e4ea1533f06c4a72b89a8e0dac119979a8d19ac76ec7fb2d3b02ad7bab4fc2
- SHA512: c714e731a563b856785a36e307847787a869b1e20afe89c5210a394309b3e41a50eb946a437ab9be06f40fa065c91814bb97b3e3dc5a773ed1e49d3f3e36cd87
- SSDEEP: 12288:nMrSy90GDEftMK/soTJZ4q68cqjHT+Tsb:5yxg1MK/so1Z4j8Nz+Tw
Static task
static1
Malware Config
Targets
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.