General
Target
E-dekont.exe
Size
575KB
Sample
240219-lcetbsbf8y
MD5
46b01a46c54eae7a4a22df08acd2148d
SHA1
b68dd5edfa58283488c7de3eeed549cc2cf34ace
SHA256
b2aedf1de53ed6e8b341efc26bfa06068a0c1dcfa04af94d998ced18546ad5d4
SHA512
f2fc66d4ee5057e760ebc758d9b5b937f8ab070724bd0611c4458520c5c21a839e094ad06b5760c59167a88614d1afff5512ef5120237c1b89ab23032e9991e8
SSDEEP
12288:FmWRppHy/X3hRbetbLiiJTFoAtV9Tj20z168E7rg3ONKUH1:FmWRYhR6tbRJTFjTjxzk8QOyH1
Static task: static1
Behavioral task behavioral1: Sample E-dekont.exe, Resource win7-20240215-en
Behavioral task behavioral2: Sample E-dekont.exe, Resource win10v2004-20231222-en
Behavioral task behavioral3: Sample $PLUGINSDIR/nsExec.dll, Resource win7-20231215-en
Behavioral task behavioral4: Sample $PLUGINSDIR/nsExec.dll, Resource win10v2004-20231215-en
Behavioral task behavioral5: Sample Melitta/Assonantic/evakueringsvelsers/Jakobskamp/Blyantstegninger.ps1, Resource win7-20231215-en
Behavioral task behavioral6: Sample Melitta/Assonantic/evakueringsvelsers/Jakobskamp/Blyantstegninger.ps1, Resource win10v2004-20231215-en
Malware Config
Targets
Target
E-dekont.exe
Score 7/10
Loads dropped DLL
Drops file in System32 directory
Target
$PLUGINSDIR/nsExec.dll
Size
6KB
MD5
293165db1e46070410b4209519e67494
SHA1
777b96a4f74b6c34d43a4e7c7e656757d1c97f01
SHA256
49b7477db8dd22f8cf2d41ee2d79ce57797f02e8c7b9e799951a6c710384349a
SHA512
97012139f2da5868fe8731c0b0bcb3cfda29ed10c2e6e2336b504480c9cd9fb8f4728cca23f1e0bd577d75daa542e59f94d1d341f4e8aaeebc7134bf61288c19
SSDEEP
96:4BNbUVOFvfcxEAxxxJzxLp+eELeoMEskzYzeHd0+uoyVeNSsX4:EUVOFvf9ABJFHE+FkEad0PLVeN
Score 3/10
Target
Melitta/Assonantic/evakueringsvelsers/Jakobskamp/Blyantstegninger.Mum
Size
42KB
MD5
a986fd781b75d8deae5059a8eaf9947b
SHA1
00e654981fe37b648a5799c04856830d83345736
SHA256
c2fb393897717d953dfd2ccfd179fccba1dbae00fa6c7a9ca46610b78b9ba085
SHA512
ccc7b6aacc718ab09d871e933227d02299e9c9c119669f15804d988b46d7ba0db45aedf6d1a61f4844ec091d6a6e9ef3e0557b3c50420693453a2df59c4b2545
SSDEEP
768:lq3bgwBoUUAvXmZR+FL6lYPl8ULiLBnQNHBivEWkS+gs19:816QXw+slYPZLilQLkEWkSs19
Score 8/10
Modifies Installed Components in the registry
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.