Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
5872333d2fb1c14489eb47d114fe9374
-
Size
17KB
-
Sample
240113-kaej4sffe3
-
MD5
5872333d2fb1c14489eb47d114fe9374
-
SHA1
560c6a1e81d55ae0d121218f81a10580f448167f
-
SHA256
5a74794563684b17211a301d32ac922efcdd45ee338003f4cebdc64bee713184
-
SHA512
180af68c3bf3f7d99eed603c0ef51a02ce031c2638ee0367fbdecb2d80e17b1da76c61cd7c2b9146f426432102574132dd4f52816b3fe21a245cea692c3ef393
-
SSDEEP
384:PFqvLY6cKcmZO2Zp+Nye8pqrmub8TyztsDN:PYE6cKoKK8o8TyJc
Malware Config
Targets
-
-
Target
5872333d2fb1c14489eb47d114fe9374
-
Size
17KB
-
MD5
5872333d2fb1c14489eb47d114fe9374
-
SHA1
560c6a1e81d55ae0d121218f81a10580f448167f
-
SHA256
5a74794563684b17211a301d32ac922efcdd45ee338003f4cebdc64bee713184
-
SHA512
180af68c3bf3f7d99eed603c0ef51a02ce031c2638ee0367fbdecb2d80e17b1da76c61cd7c2b9146f426432102574132dd4f52816b3fe21a245cea692c3ef393
-
SSDEEP
384:PFqvLY6cKcmZO2Zp+Nye8pqrmub8TyztsDN:PYE6cKoKK8o8TyJc
Score8/10-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-