Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
4c5bcfc6a3ba65d8330ebf0a58a65fb17dcd68824ac9cb81c7102ce3d7268c36.zip
-
Size
19.6MB
-
Sample
230516-1k6dksbg9y
-
MD5
398ab25459fb2b3555290952780acd41
-
SHA1
fcc39958c354f3975af24955bea76a778431460d
-
SHA256
b269b349109526ca935b85e50e0054ffe0464b17de8d09880ae9e6c6fda029a6
-
SHA512
8dd66445e8195920ec4588ecd94acc0d30549f4d6566dfb308fa504941580a1ad2ef1dc7f05765e41c5565fce57db84907513ebe5225fdb72afa0bad48574e97
-
SSDEEP
393216:9L2zDeFfsNk3Wh7lM2Mbj/tMbxeQtvWNNY18MUgpIiR1:12zDeFfs63WvM2012eQNWNa8WR1
Static task
static1
Behavioral task
behavioral1
Sample
4c5bcfc6a3ba65d8330ebf0a58a65fb17dcd68824ac9cb81c7102ce3d7268c36.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
4c5bcfc6a3ba65d8330ebf0a58a65fb17dcd68824ac9cb81c7102ce3d7268c36.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
4c5bcfc6a3ba65d8330ebf0a58a65fb17dcd68824ac9cb81c7102ce3d7268c36.exe
-
Size
19.7MB
-
MD5
cc3d934c39b7d11e5b50cefb5c85b602
-
SHA1
b051466b718a82b3eedd47c850d8d59aacf40cbf
-
SHA256
4c5bcfc6a3ba65d8330ebf0a58a65fb17dcd68824ac9cb81c7102ce3d7268c36
-
SHA512
787d648266af21373fcb8796dc275e6ed6100cd109c46143dfcc4bb049ccb503f16bcd22bf8876b3d6a8a446b726809e3318ccd1900cbb34500abf0364df77a8
-
SSDEEP
393216:dm62/LAi1NKW2M+fMMBDmEqG/OBpsBZHOES5NQ94CwSpD1qb:dm62/EWMH1fJOES5NQKiPqb
Score8/10-
Downloads MZ/PE file
-
Adds Run key to start application
-
Checks for any installed AV software in registry
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-