Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
10c0ff4f15da8404a8289be8fc4b627a
-
Size
127KB
-
Sample
231225-jxwlgagcdm
-
MD5
10c0ff4f15da8404a8289be8fc4b627a
-
SHA1
db85d268a9025b5b61020b7f1690f25b87eeb95f
-
SHA256
22eb03aa4b11a069d5723474389950ccde238caeb9206f8836767ae04f397151
-
SHA512
67d31db803979c8604cfe3a6e914e82b168078fbfdfc2eae604201aec2e57c2b777fb9003fee39b2fe4f2799f74ffc4dd2af893d05f25bdb5e90d5e0525efdcd
-
SSDEEP
3072:IvgEL7Yo4PkH9sIb8WlJc2rftwh8lupNcnSXWje7sI+a7yw:IvgEPYo4Pktlq2rbluTcn4WRaWw
Malware Config
Targets
-
-
Target
PHOTO-DEVOCHKA.exe
-
Size
238KB
-
MD5
43fe764bb0d948ccae24fcbd8ac7c17e
-
SHA1
5f787deaec858095f6894f892b71b7e03a05d106
-
SHA256
f5c517c991353a148cea7f08bdb6e9eb34abc7e2fe98e25ae99dbd9f9a951aff
-
SHA512
e985b9f2bc813d66f2cd2a3b5e31a5dbf9e23f8046719e39657acd8b50554f6de2dce104d78ca5436a007c157bb4cc60d0c6355df9748271be5cfddfc2178b0d
-
SSDEEP
3072:jBAp5XhKpN4eOyVTGfhEClj8jTk+0hsquxV/hvdG+Cgw5CKHm:ObXE9OiTGfhEClq9XqK/hvxJJUm
Score8/10-
Blocklisted process makes network request
-
Drops file in Drivers directory
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-