General
Target: Order Sep 2023.js
Size: 641KB
Sample: 230918-qd8j9abg66
MD5: abcc8edc710ec4950ca9bf69cd99fb46
SHA1: d8ccde8c22a61fd95343a3fa1a6bfd735b95665c
SHA256: 275216a98698d7dbd73a1c75693ef043894e7753711bc606f4de20719f7ec772
SHA512: 892d5e10efbab46de530841d42ec7daf75df1e3755df5e1f406030adf8193a2207c5d1f02edfbb42c29123b5e8b954086295c024ce2e32b1a8c415e36fed85d2
SSDEEP: 12:+E2qkhZXa4Ft+CH3fATkvA+72NAMchqV39yex+pBtg/6J35xmn:JWZ/XnHIToAXNArhIys+pA/2pxu
Static task: static1
Behavioral task: behavioral1
Sample: Order Sep 2023.js
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: Order Sep 2023.js
Resource: win10v2004-20230915-en
Malware Config
Targets
Target: Order Sep 2023.js
Score: 8/10
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Registers COM server for autorun
-
Accesses Microsoft Outlook profiles
-
Adds Run key to start application
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-