General
Target: river.exe
Size: 42.4MB
Sample: 240225-eh2fysah38
MD5: d456468a29c7f607f856d744a8fa0813
SHA1: a3e17c3cd71b87881aadd7251d9712e43d7b8e9e
SHA256: d615116b42dd422e6d9577cfbabe1828f1b1f6f619f7a1c40b781f392c46ee34
SHA512: c6257e7c5f5398dc1fbcbbd88e52bc76084cd46ccd92873de26eaaefba746c3fc16774a9e1b4a03957cc064a961bbf613eec5751aad7ff7cad067096b543837b
SSDEEP: 786432:dSQtsRPJmIKmr2puIvnaJ/12j6+s7LWB75zuk2rPJVEEY5F0wW8p2RPBLd/b:dSQt6PIIfr2pBvnaB12qHWB75ik0PkER
Behavioral task
behavioral1
Sample: river.exe
Resource: win11-20240221-en
Targets
Target: river.exe
Score: 7/10
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.