General
-
Target
b4d8e7d22fe95b14fc79a1068fdf66f2
-
Size
599KB
-
Sample
240305-q4hrhsgc2x
-
MD5
b4d8e7d22fe95b14fc79a1068fdf66f2
-
SHA1
599937e533c6570a507cd2e96f3a2bda5e72902a
-
SHA256
77e8465236439d398d65d41906b7173559700950c220af0c0db54d168b92b590
-
SHA512
ce665450871c7917cc5d578432371f79a2461f7b0010f4f4df3d2745c0fa9e7740d52bbe772c837637735cb0a2e13f9736c9249533d9d57b712fd74a10f92b24
-
SSDEEP
12288:SfpL7a07Au24ZxQAykcTo9K6ld2D9ccQBb6LS/riACotAViE:QPRAP4j0iIWv5WACoKQE
Static task
static1
Behavioral task
behavioral1
Sample
b4d8e7d22fe95b14fc79a1068fdf66f2.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
b4d8e7d22fe95b14fc79a1068fdf66f2.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Target
b4d8e7d22fe95b14fc79a1068fdf66f2
-
Score
10/10
-
Modifies WinLogon for persistence
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-