General
Target: 0470bc9b6883cab32f8e20ea352ed02d
Size: 2.4MB
Sample: 231224-ta64sshhd2
MD5: 0470bc9b6883cab32f8e20ea352ed02d
SHA1: cd8eb96e56e852c1cb420b401a2c8c488aac8543
SHA256: 44e6496622a32cf8b38caad776fd12c8698a5082caa1d5868e21386777d91646
SHA512: f1021aa68fd9d390514c16be897a4e442637f3cb62c6b7f553dd45b787ee1c2d963ed99d8e726d6650c509c5b6747fe17a806595a9889e94ea1b0b3e840ce0ca
SSDEEP: 49152:GJaSVA+AsBXue0dMpOBFOEhQf5Uv+dqPS7LxNPiVM2xqU17/bJEbEIwFYdAs/:2bVA+AsBXwep6OEhQxU2dgm3iM2xqUxm
Static task: static1
Behavioral task: behavioral1
  Sample: Photo01 By gpj.scr
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: Photo01 By gpj.scr
  Resource: win10v2004-20231222-en
Malware Config
Targets
Target: Photo01 By gpj.SCR
Size: 547KB
MD5: dc5e556beac206f025de1c9f92d2e39b
SHA1: c0820fed333a9bb3c800950e5d3f46b0ade731e0
SHA256: 560e31e0a9b21391f252a3096e2e0e495eb7c33a7548de1d71dea1a334536aee
SHA512: 4f34c33157fa78e7d068480962ad30116673a62fff7591b95d245e3cdc56e218cb6c8cc63ad1930d555a033ce810ba929c9040ebcc7df61099f673fbb8e6b621
SSDEEP: 12288:oXTxe8fUp6qreT2A+FY0u7qMg+RIGjFGKOyeRJatK:xpVLqg+KW5b3tK
Score: 10/10
Modifies firewall policy service
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Suspicious use of SetThreadContext