Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
32d252534c542367c9142722d7846e30.exe
-
Size
1.9MB
-
Sample
240110-w2dmnsdhe2
-
MD5
32d252534c542367c9142722d7846e30
-
SHA1
3f12815829d49c4a3c58a4c81d1b29a6bbe0559f
-
SHA256
af76eca8fb87654239cf27832deaf940bdc25aba67aab489272909d3f92950f4
-
SHA512
0f42263bce1904972225799c0ecb121dade8b93b170960e95bd11602cf5d21dfd2989c9d2f898f940e5803417c8ace5992a295c6a946be0a1edda1a2a903b15d
-
SSDEEP
49152:DNVHofUQUKnHVotxmM6/d7KwoZgJDtaGmeSdjkrfR:DNVHTKHWt8JoZgJDt3Aq
Malware Config
Targets
-
-
Target
32d252534c542367c9142722d7846e30.exe
-
Size
1.9MB
-
MD5
32d252534c542367c9142722d7846e30
-
SHA1
3f12815829d49c4a3c58a4c81d1b29a6bbe0559f
-
SHA256
af76eca8fb87654239cf27832deaf940bdc25aba67aab489272909d3f92950f4
-
SHA512
0f42263bce1904972225799c0ecb121dade8b93b170960e95bd11602cf5d21dfd2989c9d2f898f940e5803417c8ace5992a295c6a946be0a1edda1a2a903b15d
-
SSDEEP
49152:DNVHofUQUKnHVotxmM6/d7KwoZgJDtaGmeSdjkrfR:DNVHTKHWt8JoZgJDt3Aq
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-