General
-
Target
565dce884c9975a9b297c1cc7a858cca
-
Size
183KB
-
Sample
240112-nvyp9sfbhk
-
MD5
565dce884c9975a9b297c1cc7a858cca
-
SHA1
7539ada7c6f844c8dec0beaf7748130e0f274f10
-
SHA256
34236e767db90d8f0754cf71e77ca17cc65a1cc5890402a532758718da03afb6
-
SHA512
51ca735bbac617d195442fa2fd8922f1665d68012b12a7f8c44f305da57ceba2b6a885720991847e0a3aa6954ce76fc35cc98681c17d24e67a7a0cb2a43842b8
-
SSDEEP
3072:9MSncRzAOcNb3mML5dxNqOooCoDErB0nyde/xTBLfhv:eSncRlcNbl5dLDEBAyUp
Static task
static1
Behavioral task
behavioral1
Sample
565dce884c9975a9b297c1cc7a858cca.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
565dce884c9975a9b297c1cc7a858cca.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
565dce884c9975a9b297c1cc7a858cca
-
Score
7/10
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-