Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
bfcd453648a221e7d2e8c5ec99305b1e
-
Size
724KB
-
Sample
231220-ra4mkadeaq
-
MD5
bfcd453648a221e7d2e8c5ec99305b1e
-
SHA1
2529c153463838e274e853e2930cb4fd8ad85a56
-
SHA256
f2b8bb9af0e343127e524382b296a824cf502f5793624bd321ce52fc575a81d1
-
SHA512
032098f1595fe1190602040d0316e6550185280d6d3b0075ddbd94b98cc9919d15a26448619211c1912bb37074a5715248b366d23f759eb20b6ccf596ec083fa
-
SSDEEP
12288:lB6jfu9W5qVnpA1P9mTx87m7HGA04OBGaSuQalOZeW0dHNEX+pd167QhEQJ:n67MnVnpA1lmTx8MmA07AaSuDSwdyE6o
Malware Config
Targets
-
-
Target
bfcd453648a221e7d2e8c5ec99305b1e
-
Size
724KB
-
MD5
bfcd453648a221e7d2e8c5ec99305b1e
-
SHA1
2529c153463838e274e853e2930cb4fd8ad85a56
-
SHA256
f2b8bb9af0e343127e524382b296a824cf502f5793624bd321ce52fc575a81d1
-
SHA512
032098f1595fe1190602040d0316e6550185280d6d3b0075ddbd94b98cc9919d15a26448619211c1912bb37074a5715248b366d23f759eb20b6ccf596ec083fa
-
SSDEEP
12288:lB6jfu9W5qVnpA1P9mTx87m7HGA04OBGaSuQalOZeW0dHNEX+pd167QhEQJ:n67MnVnpA1lmTx8MmA07AaSuDSwdyE6o
Score10/10-
FakeAV, RogueAntivirus
FakeAV or Rogue AntiVirus is a class of malware that displays false alert messages.
-
FakeAV payload
-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-