Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
e3daefbb33a22a70836b03a167f2055d91ccd76a006e21d528026a70240bf559
-
Size
6.8MB
-
Sample
231211-gpv9magbe3
-
MD5
febabba0e02bf4a7b7c90da5d9943b38
-
SHA1
c40bdb617a0948edfbf7864900b4124c8a83f111
-
SHA256
e3daefbb33a22a70836b03a167f2055d91ccd76a006e21d528026a70240bf559
-
SHA512
e09e9b54429c6f79b39b7292651b17400c4bdadb17b0c92d71d3c1cccf0b4bb25c689da943877e169be698b797ad527a1e66a6fe42c231caf87cb76be70b5bb3
-
SSDEEP
196608:xJlFvv7UOmCyb0An6pkgNRtP6hi1ahzBt3:PTTUOlybRnuTRtP6hiO7
Static task
static1
Behavioral task
behavioral1
Sample
e3daefbb33a22a70836b03a167f2055d91ccd76a006e21d528026a70240bf559.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
e3daefbb33a22a70836b03a167f2055d91ccd76a006e21d528026a70240bf559.exe
Resource
win10v2004-20231201-en
Malware Config
Targets
-
-
Target
e3daefbb33a22a70836b03a167f2055d91ccd76a006e21d528026a70240bf559
-
Size
6.8MB
-
MD5
febabba0e02bf4a7b7c90da5d9943b38
-
SHA1
c40bdb617a0948edfbf7864900b4124c8a83f111
-
SHA256
e3daefbb33a22a70836b03a167f2055d91ccd76a006e21d528026a70240bf559
-
SHA512
e09e9b54429c6f79b39b7292651b17400c4bdadb17b0c92d71d3c1cccf0b4bb25c689da943877e169be698b797ad527a1e66a6fe42c231caf87cb76be70b5bb3
-
SSDEEP
196608:xJlFvv7UOmCyb0An6pkgNRtP6hi1ahzBt3:PTTUOlybRnuTRtP6hiO7
Score8/10-
Drops file in Drivers directory
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-