General
Target: tmp
Size: 1.4MB
Sample: 240329-w2zj5seg6z
MD5: f1152d572e1722ea2568eff98efc161f
SHA1: 5c61a7c330a12a5cd8c649b8335ddae1d63d3d26
SHA256: 922c43a5ccbb2622ec917426a98da9289e5481ad29d5996003e8a46e6791573b
SHA512: 1f9b02f2038597aeab96eab6ec829c1f2322bfcbb5f07f854e78b14ece4427a915a35575fbed8c86982eb2b2e36507c6e950624d58e5cc50373944829c15d926
SSDEEP: 24576:CYhXUX0DKyOBqg7Fx+mDSLdBJ4qyzTaPkrK/ApWmNKmGztJ0uiX19HX7Bcaxw+LP:/hHDKnl2mDo32l63/zm5Gz3F6RrB9x
Static task: static1
Behavioral task: behavioral1 (Sample: tmp.exe, Resource: win7-20240221-en)
Behavioral task: behavioral2 (Sample: tmp.exe, Resource: win10v2004-20240226-en)
Behavioral task: behavioral3 (Sample: $TEMP/Simultaneously.exe, Resource: win7-20240319-en)
Behavioral task: behavioral4 (Sample: $TEMP/Simultaneously.exe, Resource: win10v2004-20240226-en)
Malware Config
Targets
Target: tmp
Size: 1.4MB
Suspicious use of NtCreateUserProcessOtherParentProcess
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Suspicious use of SetThreadContext
Target: $TEMP/Simultaneously
Size: 268KB
MD5: fc88a8c580509ed23108dd3e0d06f451
SHA1: acec8710b5fcf62d72bedc84303284332fe24ccc
SHA256: 6f1c91ab06cf98ef40cf4424558d78fd8db93a759296b18ada5f1f6eedd81ed6
SHA512: 404a04e45ab94b5b468dea0aabd032838da6c19bd8e69dcfb43aba51afeca7ec1b2333178d3553e594f7ed875a4b07e1078b1e51e94dc587061e1bddf46f2553
SSDEEP: 6144:1K5vPeDkjGgQaE/loUDtf0accB3gBmmLsiS+SAhClbt:uvG4waEqOfFfB3gBTQ+SAibt
Score: 1/10