General
Target: empyrean-main.zip
Size: 458KB
Sample: 231224-vn3tzafehr
MD5: 6dbedd7e963cd1868bdf3ae273b3e8c9
SHA1: 708bfb6faf845f65f41f753f3fda60e69c880ea4
SHA256: b2c2a9c32a27fe5c3872a0a96f96fad6597e4f8f5242ec90a7c2b69a1b409bb0
SHA512: d1322c4fae217ea79320ee17333e917faf9b275f3ba036222fbae93ec4cae3e3b6358a1cecb7659a76a2e0fccf4a8ac68b4304c85ba91273c3bb6f5d4d2ea251
SSDEEP: 12288:/Hl1OMPc6NQpZZzzYQqaejezSEDl52fsl:/H66CpZBsjez352U
Behavioral task: behavioral1
Sample: empyrean-main.zip
Resource: win10v2004-20231215-en
Malware Config
Targets
Target: empyrean-main.zip
Score: 8/10
- Blocklisted process makes network request
- Downloads MZ/PE file
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Registers COM server for autorun
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.