General
Target: ed26b1737037537b3e4c74b5a66c5f3c53ca7000a6582b086140f1254a6d1d50
Size: 779KB
Sample: 240222-fbqxbabf8v
MD5: 002bff6573f0e7721b37dbbaebb75d47
SHA1: 2aea4be00024a7e4aaa2454728e10896b48bd086
SHA256: ed26b1737037537b3e4c74b5a66c5f3c53ca7000a6582b086140f1254a6d1d50
SHA512: a808744182d23640b1d944a795597cab11419c8e62646709ea4e3338de82af3c559272e28c93dc6bcc2eb6b116197dc755b3c62b5730567aff019619798a20d5
SSDEEP: 12288:xPJTcmjRN6KSYqk5lvgKTgt9awhBcxet8mBVRTqeRKwpNtW4fo:lJ4m9iyv28whSwRBVRTwwpK
Static task: static1
Behavioral task: behavioral1
Sample: ed26b1737037537b3e4c74b5a66c5f3c53ca7000a6582b086140f1254a6d1d50.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: ed26b1737037537b3e4c74b5a66c5f3c53ca7000a6582b086140f1254a6d1d50.exe
Resource: win10v2004-20240221-en
Malware Config
Targets
Score: 8/10
Modifies Installed Components in the registry
Deletes itself
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
Legitimate hosting services abused for malware hosting/C2
Suspicious use of NtSetInformationThreadHideFromDebugger