General
Target: e3c6537ef0c305d9c7b242b88dcbff7b1a762b277b6d15d1372a41f44aa67c46.exe
Size: 1.7MB
Sample: 240213-ggs5asac25
MD5: cc41c1b0765421f0f397e9be38949b7f
SHA1: 750a326ef4917e4311bfd0a4534287b9c54dc926
SHA256: e3c6537ef0c305d9c7b242b88dcbff7b1a762b277b6d15d1372a41f44aa67c46
SHA512: 7842742eb64699b0219c1cd516e3cf66d3f4d04e232720d185dfffc1471a3693b55fda418cee3a372bfcd89862ea1a5d1ed1aa6a2a6a70513364de5b02020646
SSDEEP: 49152:csO5iYju8n8cSa3X9j/Q5C4TQKrTcPml1jLDOb4H+IPUK:csGj8cSS9L4TQKvcPOShKUK
Static task: static1
Behavioral task: behavioral1
Sample: e3c6537ef0c305d9c7b242b88dcbff7b1a762b277b6d15d1372a41f44aa67c46.exe
Resource: win7-20231215-en
Malware Config
Extracted
risepro
193.233.132.211:50500
Targets
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Suspicious use of SetThreadContext