General
Target: ORDER 03949.exe
Size: 714KB
Sample: 230824-lml1dsda3z
MD5: cf1b1278beb043e688ffa8440d0a4c3a
SHA1: 8c793a3060b5bc8fd7c2ddd6b7bf9db52a05b0fd
SHA256: 2fb6bc99ffadcb8e65b4db0e7df125ea0ffd455c6ff4aae04e775e87a4b51d8d
SHA512: 7a4faac5aa927d68007fbb37cf3a247adf34f88ba503b9c531aeaea48bdc0ddcbdf09b9cffb8fbc557d30edd3ac435869643be2ce1dbc0de01a6693adfde6d7b
SSDEEP: 12288:NdfSRtv2lq3PaTySO87/h34IpGjYK7DuqCOqehJB0YxdZNw2sKAA3P:Na2lq3yTySr7/B4yvrWB5hK2vAA
Static task: static1
Behavioral task: behavioral1
Sample: ORDER 03949.exe
Resource: win7-20230712-en
Malware Config
Targets
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
Suspicious use of SetThreadContext