Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
1a7c1927f515eeec926a21d5e91e12da
-
Size
50KB
-
Sample
231230-q3e91aecf2
-
MD5
1a7c1927f515eeec926a21d5e91e12da
-
SHA1
3c5c6802372c32477ff5c11c1e59979f50752730
-
SHA256
a9524f30aaff503ab58af21556160282929edb8f72b81efc979dd8510f6129c2
-
SHA512
d0581ced6aad504a9feff58e27c9a465471d60aa531afcbde0a3bbaf04d27c2f045037577dcae6f5c2b2f263b891be5c1e89d838147101974a7e02a44e0ec853
-
SSDEEP
768:BHReXvU8CVG6qDfQlPdXsz56b0Rw4zXn4hie7UXrM0gCs2H4rdxO2+:BHReXoVXfj6cushlkPZ2dU2+
Malware Config
Targets
-
-
Target
1a7c1927f515eeec926a21d5e91e12da
-
Size
50KB
-
MD5
1a7c1927f515eeec926a21d5e91e12da
-
SHA1
3c5c6802372c32477ff5c11c1e59979f50752730
-
SHA256
a9524f30aaff503ab58af21556160282929edb8f72b81efc979dd8510f6129c2
-
SHA512
d0581ced6aad504a9feff58e27c9a465471d60aa531afcbde0a3bbaf04d27c2f045037577dcae6f5c2b2f263b891be5c1e89d838147101974a7e02a44e0ec853
-
SSDEEP
768:BHReXvU8CVG6qDfQlPdXsz56b0Rw4zXn4hie7UXrM0gCs2H4rdxO2+:BHReXoVXfj6cushlkPZ2dU2+
Score8/10-
Blocklisted process makes network request
-
Disables RegEdit via registry modification
-
Disables use of System Restore points
-
Drops file in Drivers directory
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-