General
-
Target
e34a10782d9dac4b81cbc788ac151fe3.bin
-
Size
8.1MB
-
Sample
230630-cr2f7sgg6w
-
MD5
e780ac6e0c5a944bd68d59f14ec12d4f
-
SHA1
66785ef3d6e512e575619193baff3af4423be7dc
-
SHA256
3ab1efbbb6afd2c8a9a182ce719d4198596d2ca24a3aae0c18c21e27cafd3f71
-
SHA512
5c8aa595c1e53fd25968e06125491b3b3c86c7022318c8b62c159f5f4037f23c1f4d63480d805d0a5e0dfbe3a8c5eb5bc865438bed5b4961a899a7f22a3cab17
-
SSDEEP
196608:Acky6Pmrl/YXRszXiaW3GEtZjQjBQw/lQCR+4xjIPE:A5b+B/JTo3GEzQjBB/WCHp
Static task
static1
Behavioral task
behavioral1
Sample
44de3cda2390b20b694a4121a3fcf1f940e2c5d50e5bcb8f13ce975c7fc962d9.exe
Resource
win7-20230621-en
Behavioral task
behavioral2
Sample
44de3cda2390b20b694a4121a3fcf1f940e2c5d50e5bcb8f13ce975c7fc962d9.exe
Resource
win10v2004-20230621-en
Malware Config
Targets
-
Target
44de3cda2390b20b694a4121a3fcf1f940e2c5d50e5bcb8f13ce975c7fc962d9.exe
-
Size
8.3MB
-
MD5
e34a10782d9dac4b81cbc788ac151fe3
-
SHA1
21516e86b86b245fb6520ae16a69814bfbe9c494
-
SHA256
44de3cda2390b20b694a4121a3fcf1f940e2c5d50e5bcb8f13ce975c7fc962d9
-
SHA512
304a811b7608bd0da73e8f75c2c1b886b0cdc656e54993daf5c00b64622e6482cc8581e80fbdf8a4d8c8dcffe6053bec6a85354ccddbf3cfc5b63570340aac1f
-
SSDEEP
196608:whTb9B0BPrDz4pxgZZPy5RmStgxb/z6FDiSJXqeUh4mT7:eTb9epDz4MZZ4RmxYDiScfhH
-
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-