General
Target: DamnedSetup.exe
Size: 61.7MB
Sample: 230610-3ladmsgg7y
MD5: aa2f460f18b6182077ccaef14e1a32e0
SHA1: 6df435e09112594190dbdd39eb8b138b8c04b52c
SHA256: 82f99623c166564ee2da03402eb0b6c282d9df66128a441a8d0237893343eae1
SHA512: d5de3e2aa2674f6fb22d8b02817df2575019a988e0b45506ebd056863131bb1abc421ebe97b7e860b61e26e8a50d67adabde6f585f2737815c079e5711da4b92
SSDEEP: 786432:/avyqjtvARFf/Mrj5bWb/nQoa8uioaOfHnNFKVWkkbvSAgJDWq8+ugGe0Wl7:EtvetMtinHaBHNYV6vSAuZ8fgGe0Wl7
Static task: static1
Behavioral task: behavioral1
Sample: DamnedSetup.exe
Resource: win7-20230220-en
Malware Config
Targets
Target: DamnedSetup.exe
Detects EpsilonStealer ASAR
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.