Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
8588c0c872a004d16455c5f28a4e9c0e8875b10b295f42b93a69a211f5fb9f6f
-
Size
2.5MB
-
Sample
240308-sb4vdsaf5v
-
MD5
145fb0a72ca3799c22a451683b0b6d38
-
SHA1
9ee456116c6da2d416b078ecc70008f1682be605
-
SHA256
8588c0c872a004d16455c5f28a4e9c0e8875b10b295f42b93a69a211f5fb9f6f
-
SHA512
566ff9bc201d8fb0552fb9a473a780339b04e7c4d7083f3d18a3fbd705493c4af7a06da7e89e3c4a50e9acb6dd8c5c595511c924a2b1b91b77c3e907be80d68a
-
SSDEEP
49152:vB+dPmenydp6g4OiZrq1DfP+rsNADtV6v+L8uSwiPSCmDS+5uSlVQ:Cuiyd54OiZrq1DfPHNADtV6v+
Static task
static1
Behavioral task
behavioral1
Sample
8588c0c872a004d16455c5f28a4e9c0e8875b10b295f42b93a69a211f5fb9f6f.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
8588c0c872a004d16455c5f28a4e9c0e8875b10b295f42b93a69a211f5fb9f6f.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
8588c0c872a004d16455c5f28a4e9c0e8875b10b295f42b93a69a211f5fb9f6f
-
Size
2.5MB
-
MD5
145fb0a72ca3799c22a451683b0b6d38
-
SHA1
9ee456116c6da2d416b078ecc70008f1682be605
-
SHA256
8588c0c872a004d16455c5f28a4e9c0e8875b10b295f42b93a69a211f5fb9f6f
-
SHA512
566ff9bc201d8fb0552fb9a473a780339b04e7c4d7083f3d18a3fbd705493c4af7a06da7e89e3c4a50e9acb6dd8c5c595511c924a2b1b91b77c3e907be80d68a
-
SSDEEP
49152:vB+dPmenydp6g4OiZrq1DfP+rsNADtV6v+L8uSwiPSCmDS+5uSlVQ:Cuiyd54OiZrq1DfPHNADtV6v+
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-