General
Target: f191d334abb3d33f9d99efb91b4c12f8f6367d8015c83b3f93adb272a2da5cf5.exe
Size: 575KB
Sample: 240409-dayvescc38
MD5: 18ccd333d9d11e8bc62935caab393521
SHA1: ae54dc1fe193bf3ad174566a47ab1013f107e878
SHA256: f191d334abb3d33f9d99efb91b4c12f8f6367d8015c83b3f93adb272a2da5cf5
SHA512: a07d2a5cc0cb3044693c0274f728999335021cecf5a5bd697720c88e952f8ca69fd5e5ea7e581a3e400df439de6d5cb8d16d6dad6238f6415eaf4d7e5e1cba21
SSDEEP: 12288:UB1oVeonJHI5mtDWQyskRb+udA2w1nelK8X+e:eo5dWmFWXRNA2/RX7
Static task
static1
Behavioral task
behavioral1
Sample
f191d334abb3d33f9d99efb91b4c12f8f6367d8015c83b3f93adb272a2da5cf5.exe
Resource
win7-20240319-en
Malware Config
Extracted
asyncrat
0.5.8
Testing
91.207.102.163:9899
HbLmK5pOLkik
delay: 3
install: false
install_folder: %AppData%
Targets
-
Detects executables packed with SmartAssembly
-
Detects file containing reversed ASEP Autorun registry keys
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-