General
Target
VIRUS DO NOT OPEN.rar
Size
13.5MB
Sample
240315-rw21vsda32
MD5
d78c6d4e78955a325452674d32bc7be6
SHA1
3d27759d5ba0f1067ca62e7c9ce061db1017681f
SHA256
9e871595e30e5d22e58325d8c069cb48612ae07689dff680228af33911e55a27
SHA512
7b6f5b4397ede6026193604505bca1d03b765f6d79d9d2f816a665b175371f3d7f12b82c62b3b4999d325bab4d6822fe3037cf61dd770e88208a881b425ece7e
SSDEEP
393216:LJFSF15WwTui+xUn1n24bYdhvNeltrNaD:LJFjyuin2zb1OpNC
Static task
static1
Behavioral task
behavioral1
Sample
VIRUS DO NOT OPEN.rar
Resource
win10v2004-20240226-en
Malware Config
Targets
Target
VIRUS DO NOT OPEN.rar
Score
7/10

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.

Legitimate hosting services abused for malware hosting/C2