General
Target: 6a37d13562f3ba6e8a17cca9987339ffd65174d2c0bbb62971b3f703bf675eb0
Size: 647KB
Sample: 231011-vqlngabc3w
MD5: d506fa33daeaefc7320cad4f8368a49e
SHA1: cbe2ac006d6737262fa6235c4d665abf060aaa5f
SHA256: 6a37d13562f3ba6e8a17cca9987339ffd65174d2c0bbb62971b3f703bf675eb0
SHA512: 01937ced7cc26de65de5b2e1d90236db20d305a242edb2d5c797e87f7731f045090eb20d6f2a29df315e5288fdc255a35ce6c75b79a3205b904c4731a54f8352
SSDEEP: 12288:odKlE6JqhfYHRiaXwep2MEavfQFd6kCOuvZVr+jyaqoiEcPQWm7lBy2sWx:HKYHHvXwe4GQFd3CzQbNAy7zsWx
Static task: static1
Behavioral task: behavioral1
Sample: Confirmation.exe
Resource: win7-20230831-en
Malware Config
Targets
Target: Confirmation.exe
Size: 884KB
MD5: 29af861baff3d90185ed2ea3d47482d6
SHA1: ce58279e89cd1ccbb88b37e32be7d0115c9f1572
SHA256: e95d1407329d9bf135e8e44cf041709c4ce426d62144c772374d9b782f3bb399
SHA512: 1277277c73e4d87e29add0112aac81a4b8edeada4fe49216cc6707c0cfc1c2cca9f522558c90243271da43a33715dada7a4e58933d5f4cc71839b31a3e570bf9
SSDEEP: 12288:PnX9K7iSxwfEHtrXTutnP/XGvGVfb9Pke7Qs5RcFbpEK:PntU7NHtvenP/5fbZJMs5RMpE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Suspicious use of SetThreadContext