General
Target: update1503.zip
Size: 6.1MB
Sample: 240407-xwxn2acc89
MD5: 562641cdab1e0e53695e5f211bd0c7c1
SHA1: f81697bf8852e070513549697dff9a46d705126d
SHA256: 516ca1c34949d486ab72f17515cfdad238b126a043dda0d3322f00510480ce69
SHA512: c2bb6f2b5ebfb6dd2662447a21f7cdf199fd525dbcd4da634bb87ee5774500d2ab0c895878ee19dd6a328c4f2a49df402981d6dfc65682204d10f8d888ef9b02
SSDEEP: 196608:KjjYL4z4wAm1NF4giTydlxdE9Z8N18ytRdAzLAscQ:nIWklxduSN18ytRdAzL7V
Static task: static1
Behavioral task: behavioral1
Sample: update1503.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: update1503.exe
Size: 18.1MB
MD5: 7e89dc94745e89b44c0704984be4f377
SHA1: d9649264edce63459bf213a473ecb00a40995f02
SHA256: 2368a83abc6a6b318c11cdf1da7df23529c003160ac5ea68b3c31e47b9194d56
SHA512: f562d29c75b7f52ed937decbca9afd3600b30a981b79a92d8a9eb199656ce526909831dba0c6fd3ff21cc5dc2587a18b07d52a316bdff8d63edb0251a96714da
SSDEEP: 98304:dpYLJ+vH4hKsfBXkvI9CrxARczIjj7pN3fMrb1HpQEdOaYvpXyJZhk:dqXfBXkBrxwcEX7pBfMrb1HppdJ
Score: 6/10
Accesses Microsoft Outlook profiles
Adds Run key to start application
Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.
Suspicious use of SetThreadContext