General
Target: student.exe
Size: 5.1MB
Sample: 240220-w5r98sde47
MD5: 8748891eb1584c4502a15577d3075d41
SHA1: e0304bd87d1e7516ca6f49d8896fa8498b830ab5
SHA256: f2167589cc58e0bbb31100da792d13a9bcb8e98e511aa2405e896223a11ddabd
SHA512: a2c46761b31050f319f55d6e2de35ee59f22d427e9edf2f7a7061922aeafde44b56cdc6165e0523d01f21dacf20013d6eb10ce1b4627134b6d8e866de9169024
SSDEEP: 98304:Rx9iA5FR7kozLG5k4iugdOsmX6Xpcvy3r3MKpeGVxG06Puy+1M:Rx935FJfzLjunX6XpmGVwyy+G
Static task: static1
Behavioral task: behavioral1
Sample: student.exe
Resource: win7-20231215-en
Malware Config
Targets
Target: student.exe
Modifies firewall policy service
Disables Task Manager via registry modification
Modifies Windows Firewall
Checks computer location settings
    Looks up country code configured in the registry, likely geofence.
Enumerates connected drives
    Attempts to read the root path of hard drives other than the default C: drive.