General
Target: 3bcc1eb867ab61418fe7a99dcffa3734.exe
Size: 769KB
Sample: 230609-k3wn4ace3s
MD5: 3bcc1eb867ab61418fe7a99dcffa3734
SHA1: cea3fa7f0358089e0ce7786606346d893c7be4a5
SHA256: 5392bfbbc84541d99563511dfa736ec514642b68292089154e0126f0e9eddf37
SHA512: 808350bc1ed22544ef1420398fd30db2fb2d400437b57ea1058e26bb8095c35f0167c3bce3b1369c2717187d21514cc561f3915c6ad70aa05446d05604e5c105
SSDEEP: 3072:Zxyod3gsuVf/LxMmKvcAznwucfxBmN9Cm55l6bNU:xiflLK0CU7hyl6S
Static task: static1
Behavioral task: behavioral1
  Sample: 3bcc1eb867ab61418fe7a99dcffa3734.exe
  Resource: win7-20230220-en
Behavioral task: behavioral2
  Sample: 3bcc1eb867ab61418fe7a99dcffa3734.exe
  Resource: win10v2004-20230220-en
Malware Config
Targets
Target: 3bcc1eb867ab61418fe7a99dcffa3734.exe
Score: 7/10
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Accesses Microsoft Outlook profiles
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.