Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
SecuriteInfo.com.FileRepMalware.30879.27903
-
Size
873KB
-
Sample
230823-bw4xfsad5s
-
MD5
caf76701dede999bd732180bfeb903d6
-
SHA1
9dc98f3c210b2b78381db8fb343b38383868f4e8
-
SHA256
a118bad62d2047fe8e2ad0cdb3aee9dd0be8daabd287e72e057531675feec3e8
-
SHA512
5263960477620ba81c5f8cdc9cb9961127074b1d80b1581d43a0079e85f543c1fb0230b1f31ce4e366f7d8878882ecd28b8ad89f075d4dc497899465100d716a
-
SSDEEP
12288:YZCeC1AgCsu2UL5Jb2k6woR6DSsijzmv4TsdqyL7W2NYpK/kumpP68rL9Um:AhC1yXLvR6wYsGzO/ahK/kumpP68rSm
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.FileRepMalware.30879.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.FileRepMalware.30879.exe
Resource
win10v2004-20230703-en
Malware Config
Targets
-
-
Target
SecuriteInfo.com.FileRepMalware.30879.27903
-
Size
873KB
-
MD5
caf76701dede999bd732180bfeb903d6
-
SHA1
9dc98f3c210b2b78381db8fb343b38383868f4e8
-
SHA256
a118bad62d2047fe8e2ad0cdb3aee9dd0be8daabd287e72e057531675feec3e8
-
SHA512
5263960477620ba81c5f8cdc9cb9961127074b1d80b1581d43a0079e85f543c1fb0230b1f31ce4e366f7d8878882ecd28b8ad89f075d4dc497899465100d716a
-
SSDEEP
12288:YZCeC1AgCsu2UL5Jb2k6woR6DSsijzmv4TsdqyL7W2NYpK/kumpP68rL9Um:AhC1yXLvR6wYsGzO/ahK/kumpP68rSm
Score6/10-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-