General
Target: fd08be7bfc5351e0adb51643e96c9ba3.exe
Size: 480KB
Sample: 230505-xn7t2ahg7y
MD5: fd08be7bfc5351e0adb51643e96c9ba3
SHA1: bf9960400999e949cee0c620e6a6211fc664d0f3
SHA256: fcf08da4f99acde5a1ecc10428a12f1317ffe341f75209d46dbf187f969b1d70
SHA512: 1c7a16ac949a7e8bced5355aa77634b2682e48dcf38981b2b13605275f9218864997121ced734ef97eb28d2709815a74c4118fbcb25bd51bc2e9a7f49f9ec834
SSDEEP: 12288:hMrKy90vJV/y47qd+ZeJaI1rkkVPva2F7okq/A:PyAX64reJLV3a2RoY
Static task: static1
Behavioral task: behavioral1
Sample: fd08be7bfc5351e0adb51643e96c9ba3.exe
Resource: win7-20230220-en
Malware Config
Targets
Target: fd08be7bfc5351e0adb51643e96c9ba3.exe
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.