Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
SecuriteInfo.com.Win32.RATX-gen.9787.5644
-
Size
677KB
-
Sample
230818-nt78baag4x
-
MD5
d850cf00d51bc4218cd3a7811f111ad7
-
SHA1
e8c31a8b122e0be1d714a612cf496ddf84a234a0
-
SHA256
1169ffd244039e5cca44ee8af96966f40637ca679ac59e4e3f71c49c8625734c
-
SHA512
332c1795e8b7a7a013e74602d704b3e1ab93cf0fb9196856fd2c5924d591a863ec9547477325e8091833f2744463698ff0d92931b9dffb3d6a980651c617603b
-
SSDEEP
12288:AMmHFFDO9S6WDBD45nafiYNSCX7LYg5Prkt:VmXO7utD9LYg1rk
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Win32.RATX-gen.9787.exe
Resource
win7-20230712-en
Malware Config
Targets
-
-
Target
SecuriteInfo.com.Win32.RATX-gen.9787.5644
-
Size
677KB
-
MD5
d850cf00d51bc4218cd3a7811f111ad7
-
SHA1
e8c31a8b122e0be1d714a612cf496ddf84a234a0
-
SHA256
1169ffd244039e5cca44ee8af96966f40637ca679ac59e4e3f71c49c8625734c
-
SHA512
332c1795e8b7a7a013e74602d704b3e1ab93cf0fb9196856fd2c5924d591a863ec9547477325e8091833f2744463698ff0d92931b9dffb3d6a980651c617603b
-
SSDEEP
12288:AMmHFFDO9S6WDBD45nafiYNSCX7LYg5Prkt:VmXO7utD9LYg1rk
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-