General
-
Target
856dc1ff81894c021e052abf46190e57.bin
-
Size
318KB
-
Sample
231101-b7jewsag94
-
MD5
5935078b14c29037caf5002a954d561c
-
SHA1
e7da9335ae6538324831012d8cce223cbf326515
-
SHA256
0e53cc398ab74bdc799c84cc780aeb538a464d3ddcb64514baef595b4020bc6e
-
SHA512
f1ca06e622c98ce9ebd8cb0439b609b625d77d6ec210e1b7a5459531038152df51b10a8e9271e4090914d5673d63e78aa0e849df236081693266bb6af8206750
-
SSDEEP
6144:BCub5gwp/nEUYw/VqrOAfbnN6yGNybdSRSn8w5E+A3O+s4+NTAF:t/p/EUErOATsJMSG8w5E3e+s4k0F
Static task
static1
Behavioral task
behavioral1
Sample
bf4fa4deac71c6c50cc93e2088424079ec5bec1188710beedde515f9b741f3bf.exe
Resource
win7-20231023-en
Malware Config
Targets
Target
bf4fa4deac71c6c50cc93e2088424079ec5bec1188710beedde515f9b741f3bf.exe
-
Size
575KB
-
MD5
856dc1ff81894c021e052abf46190e57
-
SHA1
9c526901e1c6e50b069fbaa463a746512dc7548a
-
SHA256
bf4fa4deac71c6c50cc93e2088424079ec5bec1188710beedde515f9b741f3bf
-
SHA512
830bd4afc9b29fb0d5a385377bfc243a69f11619e07ebfc8c890dbefda606809cde2934efff8ede365b0bc10b8c8422de85b60c9b9da3dd81a4e08c1d028ca11
-
SSDEEP
12288:MS4vdwKTNWuuRYqrggHp/bLf7daLBIlXSY4j+6qj9:aF7M0UJf7gtIlqjyj9
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.