General
Target: Notice86x64.exe
Size: 6.9MB
Sample: 230525-qdtq4aag9x
MD5: bd294af66e42c317ff4bde406043e918
SHA1: c508e4ca273dffca5966cb41f13ec3bb78034108
SHA256: 4645c34b63cfe2e839c31994ae00756b38bae0212aceaa8875d69c176e14de3c
SHA512: 1e66e6599a6d0b1d9ef1426349bb69e0379997f7d6fbc8f518033062d617af86588c668a8a29841798df2f87566f28834651b9cc57af6e1951eeda432b3fa357
SSDEEP: 98304:qSipzN7QKKSW+Aic8vBquYafPwy46kubjHZDMRpSwme6K8VrpPobS+I4:qaSW+Aic8ZqRawhubTiX0etc+I4
Static task: static1
Behavioral task: behavioral1
Sample: Notice86x64.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: Notice86x64.exe
Resource: win10v2004-20230220-en
Malware Config
Targets
Target: Notice86x64.exe
Score: 8/10
Blocklisted process makes network request
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Deletes itself
Executes dropped EXE
Loads dropped DLL
Modifies file permissions
Use of msiexec (install) with remote resource
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.