General
- Target: ESP9103Y8I2.exe
- Size: 758KB
- Sample: 231010-me9l6acg21
- MD5: 18b27a90eab7b1dbc290e0dd0033dbd6
- SHA1: af7087f5dc0e72f15567e79f7cbb56fdcc347272
- SHA256: 5d7d1ac4ea18ac47a6a78b81e3bf144aa1dfaf693239239c7a8521b800d810f4
- SHA512: 9300b58349c4c4355508bbab846a16cf1038666978b49ee99cc8bd1ddc6178c7c6f5f0d787632c02e53944820699160988b7d0050f99d5b6ccde78e1498bc65f
- SSDEEP: 12288:4SX9KLxnYblqPQRGnpxcYi8KtZjrOQ5gndJGdC3LRqsD:4St+xpPQRMmjLMNI
Static task: static1
Behavioral task: behavioral1
Sample: ESP9103Y8I2.exe
Resource: win7-20230831-en
Malware Config
Targets
- Target: ESP9103Y8I2.exe
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
-