Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
c06da1d7ce6843074ae3a964dc8aa862151f2196c0e15964d3d9959a44ba89f8.exe
-
Size
91KB
-
Sample
240319-dazfysfe62
-
MD5
607acc5a6b670bd144bf3897cda6b233
-
SHA1
24a2fc93216adb3543ee555473b2f61f333384d2
-
SHA256
c06da1d7ce6843074ae3a964dc8aa862151f2196c0e15964d3d9959a44ba89f8
-
SHA512
75bd3c2fe2a6b96586e0e1ecf5d282d55f71fb9891961ca1dd6c6be90eaa9a196fd62c8343abfdb039e384895a593f2a01c725451c580980f238c40d764b4643
-
SSDEEP
1536:r7fPGykbOqjoHm4pICdfkLtAfupcWX50MxFY+yIOlnToIfLx4fmSxL2MO2:nq6+ouCpk2mpcWJ0r+QNTBfLyfmSBR
Static task
static1
Behavioral task
behavioral1
Sample
c06da1d7ce6843074ae3a964dc8aa862151f2196c0e15964d3d9959a44ba89f8.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
c06da1d7ce6843074ae3a964dc8aa862151f2196c0e15964d3d9959a44ba89f8.exe
-
Size
91KB
-
MD5
607acc5a6b670bd144bf3897cda6b233
-
SHA1
24a2fc93216adb3543ee555473b2f61f333384d2
-
SHA256
c06da1d7ce6843074ae3a964dc8aa862151f2196c0e15964d3d9959a44ba89f8
-
SHA512
75bd3c2fe2a6b96586e0e1ecf5d282d55f71fb9891961ca1dd6c6be90eaa9a196fd62c8343abfdb039e384895a593f2a01c725451c580980f238c40d764b4643
-
SSDEEP
1536:r7fPGykbOqjoHm4pICdfkLtAfupcWX50MxFY+yIOlnToIfLx4fmSxL2MO2:nq6+ouCpk2mpcWJ0r+QNTBfLyfmSBR
-
Contains code to disable Windows Defender
A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.
-
Modifies security service
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-