General
Target: Nudes-Package.exe
Size: 61.6MB
Sample: 231013-3bqmwaeg71
MD5: 5878ff6a893ec47b030764f57a936570
SHA1: a536f10d58839840c52864346770e07653a5e083
SHA256: 84de63be52b250f105faba956d156d281936ca549da87bb95481eb471153c5b9
SHA512: 5b598e96bfb799a3996c5d53a850037f628ba01062f54f7d78b557c4c54b624dcc9f0e6d79e8521ae56379738e205dfa62c995c5fba9684a60b94c627d4ec389
SSDEEP: 1572864:em60VAXfHPL5aaaN6bPQf7GU4znl3hcuaW460Eka:V68GHP9aPAa7GU4zl3hpaW460Eka
Static task: static1
Behavioral task: behavioral1
Sample: Nudes-Package.exe
Resource: win7-20230831-en
Malware Config
Targets
Target: Nudes-Package.exe
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.