General
-
Target
CATALOG LISTsxlx..exe
-
Size
616KB
-
Sample
240314-h535vafh33
-
MD5
4390e4862c4906c8a2f35366ba4066d9
-
SHA1
4688330403611320e6d37dbc54e2327e47b2fe0e
-
SHA256
8cece70bbfdfe1792ec9e1c3be822369aaee57680ea0bc78bd8dc37d07e43fc0
-
SHA512
882faa9f80c507b9cb8d2e595893f78dc7a72e1b74c951a3a19d1db6d6682b3b544f74902b946c1a4e6f807cb8c54192366cce5eb360f79ba55da99b940c7d75
-
SSDEEP
12288:ofiw8MkxswcXKC2zNWfm2YRm5sm2YRm5hkxswcXKC2zNW:gD8MZX9uWfm2Yysm2YyhZX9uW
Static task
static1
Behavioral task
behavioral1
Sample
CATALOG LISTsxlx..exe
Resource
win7-20231129-en
Malware Config
Targets
-
-
Target
CATALOG LISTsxlx..exe
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-