Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
5957273f83c34330397a570ff4f82a6d
-
Size
632KB
-
Sample
240113-y8vkwadefr
-
MD5
5957273f83c34330397a570ff4f82a6d
-
SHA1
8df8ac5ad6a7ded21ae53143671c705654f85c2d
-
SHA256
5e9409b0e5ba2605584ed39633fc3470ac485af23cc5f4d16e2742b7411401b7
-
SHA512
381de51797e040cb28e809880addaad64fa3f83d8118e5fc029fa37e80b9ca9ea69555d39b78b83f90ecc711dce5a97ba3b23803f354e7e521a11097aaeedbaa
-
SSDEEP
12288:YyK0hHqBQExSsbxdb/kjGo2fFZd766nyYYNniD5NKqt:zK0hH7kdkzQvdyHNnSN
Malware Config
Targets
-
-
Target
5957273f83c34330397a570ff4f82a6d
-
Size
632KB
-
MD5
5957273f83c34330397a570ff4f82a6d
-
SHA1
8df8ac5ad6a7ded21ae53143671c705654f85c2d
-
SHA256
5e9409b0e5ba2605584ed39633fc3470ac485af23cc5f4d16e2742b7411401b7
-
SHA512
381de51797e040cb28e809880addaad64fa3f83d8118e5fc029fa37e80b9ca9ea69555d39b78b83f90ecc711dce5a97ba3b23803f354e7e521a11097aaeedbaa
-
SSDEEP
12288:YyK0hHqBQExSsbxdb/kjGo2fFZd766nyYYNniD5NKqt:zK0hH7kdkzQvdyHNnSN
Score8/10-
Blocklisted process makes network request
-
Modifies AppInit DLL entries
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-