General
-
Target
e7c47b32b17e4cd5ac8ab58bc0b921c8bf535cb57f4f59405eb91ed1c9831981
-
Size
479KB
-
Sample
230505-3kypvafb29
-
MD5
48de9ceadc58667c403a5ad152deda5e
-
SHA1
c1db80b77fb0013a1a5095e346b56d7527077353
-
SHA256
e7c47b32b17e4cd5ac8ab58bc0b921c8bf535cb57f4f59405eb91ed1c9831981
-
SHA512
588f50a04a1de9595a304c3b48f573f5676d9aca197ee2e63a75e6b5f9b4ff35f97046384a69424a8347cf1de117870f14c1e79624379118467a38387801dbf6
-
SSDEEP
12288:JMrby90MOQpDtQC1hnvdvLNAA4WwHtOudDSyQiQz:Wy+vAhnvdvppstzdRE
Static task
static1
Malware Config
Targets
-
-
Target
e7c47b32b17e4cd5ac8ab58bc0b921c8bf535cb57f4f59405eb91ed1c9831981
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-