Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
5931d4ce4474f475285ae401210118ec
-
Size
527KB
-
Sample
240113-t2dassddb3
-
MD5
5931d4ce4474f475285ae401210118ec
-
SHA1
6fbc6a2eb5fa01b5df0328e44462c1cfab95da10
-
SHA256
3143909b3d25371f35a28d55ae07c891a7cf22f1720b1f6ec6cc24d8329e2aed
-
SHA512
3eee717922cd50349cf563a83ed32931a350a57f54cec371219bc51424f56567a5c1a32945f53f4469cbcee95bd792c90ee6aa81929f9784e8a2d7aea92b899c
-
SSDEEP
12288:+LAxXLLxMeMR/zKKjCy9/p4SmMFcvjxUeq9d9eGEbGn:Zx36YKjCyPXm1vqeqr9eGEbGn
Static task
static1
Behavioral task
behavioral1
Sample
5931d4ce4474f475285ae401210118ec.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
5931d4ce4474f475285ae401210118ec.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
5931d4ce4474f475285ae401210118ec
-
Size
527KB
-
MD5
5931d4ce4474f475285ae401210118ec
-
SHA1
6fbc6a2eb5fa01b5df0328e44462c1cfab95da10
-
SHA256
3143909b3d25371f35a28d55ae07c891a7cf22f1720b1f6ec6cc24d8329e2aed
-
SHA512
3eee717922cd50349cf563a83ed32931a350a57f54cec371219bc51424f56567a5c1a32945f53f4469cbcee95bd792c90ee6aa81929f9784e8a2d7aea92b899c
-
SSDEEP
12288:+LAxXLLxMeMR/zKKjCy9/p4SmMFcvjxUeq9d9eGEbGn:Zx36YKjCyPXm1vqeqr9eGEbGn
Score10/10-
Ardamax main executable
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-