General
Target: x.exe
Size: 320KB
Sample: 231223-pww4hahhdn
MD5: c940e89943c98832a5738d260f16bf94
SHA1: b422d97d5d59fe0ac82bcb379e2c1d4a27f77618
SHA256: 4001c4f249a156e7e9410886ddaf8ca7652689eb914a57d3bb17c1284f79dab1
SHA512: 44587a723fa9d51d5dfb216181bdab33987aedd32cff30eec72363425b6de228a7bc51b84fc66214f81b4b398edc70723839d8e979f533595b140cb52bc31cbd
SSDEEP: 6144:7DKW1Lgbdl0TBBvjc/RUizNnjLF00mpPGy5Bmfb1cdmhCq3t:Ph1Lk70Tnvjchnjx004uyefbcU3t
Static task: static1
Behavioral task: behavioral1
Sample: x.exe
Resource: win7-20231215-en
Malware Config
Targets
Target: x.exe
Score: 10/10
- Detect Xworm Payload
- Detect ZGRat V1
- .NET Reactor protector: Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.