General
-
Target
5de4db7670dd11f2f3e1873fe5a87349c2676739912fd92b671fa1432d4461f5
-
Size
50KB
-
Sample
240309-2hfwksdc2z
-
MD5
381da20afb7a5cfd4c7574faea82da3a
-
SHA1
34458e430b147540a508474e6531016540bb4bf0
-
SHA256
5de4db7670dd11f2f3e1873fe5a87349c2676739912fd92b671fa1432d4461f5
-
SHA512
974258bb044869ceb6cc90062f1d10e8586a945cc87b106971d98686d50d43e95f41781be81e06161acd1c9d3fdac8229b02157311d13c0e8839411d3bf97451
-
SSDEEP
768:LZ+Zxe90i19C92eocaWTmNtY6coZOu5dGcTYKBZUkhkPZoMi/M6rm0ZO:LaiZ19C92eocaWTKtNJZOu5EFgZHQ816
Static task
static1
Behavioral task
behavioral1
Sample
5de4db7670dd11f2f3e1873fe5a87349c2676739912fd92b671fa1432d4461f5.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
5de4db7670dd11f2f3e1873fe5a87349c2676739912fd92b671fa1432d4461f5.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
5de4db7670dd11f2f3e1873fe5a87349c2676739912fd92b671fa1432d4461f5
-
Score
9/10
-
Modifies boot configuration data using bcdedit
-
Drops file in Drivers directory
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-