General
Target: cbf4a5b2f16f7a410ee9448cdb836e6bd2cc91bc83cd0dec06c9e945cb6b6cd1
Size: 37KB
Sample: 231114-xj6q6see9s
MD5: 0ecc699966b9511377c4f55c663de3f5
SHA1: 05016cc58fcb5ce71efa7ec068e6011a24ebd272
SHA256: cbf4a5b2f16f7a410ee9448cdb836e6bd2cc91bc83cd0dec06c9e945cb6b6cd1
SHA512: d13dd526f18a96e8bf2512b2d63ac5f6ef3f2c42354fbd089a5503c3a1f79271775f27ecba2cc545addc5a3396bff1c75794fef6280126cb89bfe4c0f9e15772
SSDEEP: 768:vaULlJmmFmP1WE5GhbIYuBJV0bAQY4cs+p5EFnniFJzup6rwp:vPJmmFmP1WKUbt4J6vLip5EFnniFk6rM
Static task: static1
Behavioral task: behavioral1
Sample: cbf4a5b2f16f7a410ee9448cdb836e6bd2cc91bc83cd0dec06c9e945cb6b6cd1.exe
Resource: win7-20231023-en
Behavioral task: behavioral2
Sample: cbf4a5b2f16f7a410ee9448cdb836e6bd2cc91bc83cd0dec06c9e945cb6b6cd1.exe
Resource: win10v2004-20231023-en
Malware Config
Extracted
Protocol: smtp
Host: smtp.gmail.com
Port: 587
Username: [email protected]
Password: astanginamopo08159as
Targets
Target: cbf4a5b2f16f7a410ee9448cdb836e6bd2cc91bc83cd0dec06c9e945cb6b6cd1
Score: 10/10
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Adds Run key to start application