General
-
Target
ab7a3de7135318c2263530b855a14ff2.exe
-
Size
452KB
-
Sample
240107-xztfsaccam
-
MD5
ab7a3de7135318c2263530b855a14ff2
-
SHA1
0772f238e91d06a36c1fc3705a1cf6e65e14739b
-
SHA256
9a351bd7f2a3ef4b58c2e54b4bc43bbc2d1dd41db7d2787c2007b58b570cb73a
-
SHA512
13424cffe12a21b0826bab06cd7c73835c5346929604857285e7e0da7d1a63b1fe5d87e82f203ef9c1e5ab2024bf2e4826e3b741f922089a40c707c0f0d98903
-
SSDEEP
12288:9YU476vtic2xSNc8DtoQRWIvf5qZ4KAlPfEOX:2utj22c8RVWFZ3ARsOX
Static task
static1
Behavioral task
behavioral1
Sample
ab7a3de7135318c2263530b855a14ff2.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
ab7a3de7135318c2263530b855a14ff2.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
ab7a3de7135318c2263530b855a14ff2.exe
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-