General
Target: 8d1b0d9a04ed0ec29703abe2cb29e3e7
Size: 34KB
Sample: 240203-xqrwlagbe2
MD5: 8d1b0d9a04ed0ec29703abe2cb29e3e7
SHA1: d07f0fac7361c54d4de1d42809524c0d66a077ae
SHA256: 56657d0660933b2dcef3dfd048fca62cbbb2fb3d36658c13da26dcd0980c756a
SHA512: 6e8a49883d4c753ec9fb2bf573fec6bd810af6723799a09717c0a6e4ecc2cd165b2c601f008e2004e4942a4159a22f0dec81e12f8084494126cad2003860cd14
SSDEEP: 384:GBXUFh1yvN/uMmxDMm/QQgQAAwIIQQgQcF:MXUs1ZmxDMm/QQgQAAwIIQQgQcF
Static task: static1
Behavioral task: behavioral1
Sample: 8d1b0d9a04ed0ec29703abe2cb29e3e7.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 8d1b0d9a04ed0ec29703abe2cb29e3e7.exe
Resource: win10v2004-20231222-en
Malware Config
Targets
Score: 8/10
Drops file in Drivers directory
Manipulates Digital Signatures
Attackers can apply techniques such as modifying certain DLL exports to make their binary seem valid.
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
Drops file in System32 directory