Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
ee882c7298dfb477789205f2e6be0aca489f9bbc07bbfbb25ff3c897b0b0b9d9
-
Size
2.0MB
-
Sample
231106-hm57gsbb86
-
MD5
396936c3276814680b90a5641f158dfa
-
SHA1
0b88285750160285e27f242ec480a9cf2b40f5b5
-
SHA256
ee882c7298dfb477789205f2e6be0aca489f9bbc07bbfbb25ff3c897b0b0b9d9
-
SHA512
4e838dc7771f2836f1caf40a2c05cfc874e0fdf4ed384879ca5719c0149b05b99998a90823de1af0e4a292c99a915fea0709557defa9c30f6d26db2bd73b3e21
-
SSDEEP
12288:SOuW5o/oStscy+4CWKKCrZTGF/k8uMxtxPvvzz5KnL/JLW8Wdvp/8DeBo1irkoEQ:SjSow18JbKkKF/eMNPjgI1rh
Behavioral task
behavioral1
Sample
ee882c7298dfb477789205f2e6be0aca489f9bbc07bbfbb25ff3c897b0b0b9d9.exe
Resource
win7-20231023-en
Malware Config
Targets
-
-
Target
ee882c7298dfb477789205f2e6be0aca489f9bbc07bbfbb25ff3c897b0b0b9d9
-
Size
2.0MB
-
MD5
396936c3276814680b90a5641f158dfa
-
SHA1
0b88285750160285e27f242ec480a9cf2b40f5b5
-
SHA256
ee882c7298dfb477789205f2e6be0aca489f9bbc07bbfbb25ff3c897b0b0b9d9
-
SHA512
4e838dc7771f2836f1caf40a2c05cfc874e0fdf4ed384879ca5719c0149b05b99998a90823de1af0e4a292c99a915fea0709557defa9c30f6d26db2bd73b3e21
-
SSDEEP
12288:SOuW5o/oStscy+4CWKKCrZTGF/k8uMxtxPvvzz5KnL/JLW8Wdvp/8DeBo1irkoEQ:SjSow18JbKkKF/eMNPjgI1rh
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Drops file in Drivers directory
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Drops file in System32 directory
-