General
Target: 71b29326e25cd4536eccf0f66c41b229
Size: 1.0MB
Sample: 240124-jv3xrsddhn
MD5: 71b29326e25cd4536eccf0f66c41b229
SHA1: 10754a00be9726f05671f69d1790a7e797af87ab
SHA256: 7b9ed8b14141105159a339086596cc103523e615b309e53beb56e68fb82df384
SHA512: c290be316da8c240aefdbfc447c673473036a5ed3458b2141f06b0e3309faf0a4b4af385fde8aba0970568f618bd0d0bec44264aef6c0914e76f5f101ffec089
SSDEEP: 24576:dvVoxa8cIWoSpaBFasuLcdm4RrU9hgauaEZsoVhka20y2o61yMWXQC+aSMysCP4V:ddoxa8cIWoSpaBFasuLcdrrU9hgauaEi
Behavioral task: behavioral1
Sample: 71b29326e25cd4536eccf0f66c41b229.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 71b29326e25cd4536eccf0f66c41b229.exe
Resource: win10v2004-20231215-en
Malware Config
Targets
Target: 71b29326e25cd4536eccf0f66c41b229
Score: 10/10
ModiLoader, DBatLoader: ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
ModiLoader Second Stage
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Suspicious use of SetThreadContext