General
Target: Comprovante-KMvy71.zip
Size: 26.5MB
Sample: 230630-qtjaasea6z
MD5: e806b8e03ca4f582f67624ae90b0a854
SHA1: e8059e6b46723a842e228f6cbaf0ea2052360778
SHA256: 3f757d7f910a2397042fa3734b085791329036b31f161e6b6fd585491af48661
SHA512: 6ba4ca5ad35fa8f56c34d14fe8c4d404244abdc0255e5a63c88aefeee7ceeb4f6dac7406cfe7faf8b1b78656e74ec132b18c304b302b81ee27b2f79d7ff31d74
SSDEEP: 786432:h1XESyxz1agrRYhs+3qnli1Z51ZO4pey/X11IJIQ9642YHl:h1X7yxzvlYhs+3TDYJIQ96kl
Static task: static1
Behavioral task: behavioral1
Sample: Comprovante-.msi
Resource: win10v2004-20230621-es
Malware Config
Targets
Target: Comprovante-.msi
Size: 27.2MB
MD5: 88c4c70a1e2896f7c4b378bb25f607ae
SHA1: d3e096fa83fdbcfe4b5a29f45cf3e0eb635e2ce4
SHA256: ac4e8acc2086f745b274ee623dd109cf76dabc51f26e758e069a23f9e3c671a4
SHA512: 00da809e92a321893995b872407220f25091cfcc7010a9cee81152e43ce3153e51c75ef49b1bf9120668152131b64460b56f90f0b8a6af92545509ebd93b44db
SSDEEP: 786432:88+kFjTmEfzC10uri5N2tlZLToAb0ABPnBejA0R0IKk1L:89kFjPrC10ubHBOjA0R0QL
Score: 7/10
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
Legitimate hosting services abused for malware hosting/C2
Suspicious use of NtSetInformationThreadHideFromDebugger