General
Target: 0ef73e1a120d4d6976e8e23488b684f86159c214d30f6dbbc8e716b48674c3ce
Size: 4.7MB
Sample: 230531-ff4zqsch46
MD5: 486ce67349a1f31a1426600888d189a9
SHA1: 34d86e06380c2df67608dbf8f6487b5a6dc2d67d
SHA256: 0ef73e1a120d4d6976e8e23488b684f86159c214d30f6dbbc8e716b48674c3ce
SHA512: 128dd55dcf68b2b4d5d51f45edd1f7ee0e5814584177247cb114dbaec57448c5618584c18860a8bba636574d4420f554a6f8b189315c5babb2307b435bf75adf
SSDEEP: 49152:yR2JYSU/rZmbmHSyC9lSiKWltiCEjGRzDB2Cv5EcH9XlM419JXjCQ01:m+bAEEiM41TX
Static task: static1
Behavioral task: behavioral1
Sample: 0ef73e1a120d4d6976e8e23488b684f86159c214d30f6dbbc8e716b48674c3ce.exe
Resource: win10-20230220-en
Malware Config
Targets
Score: 7/10
Executes dropped EXE
Adds Run key to start application
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.