General
-
Target
c1861e61f16e7d2e8d3c1882a8e3ca5059ae294eab39c0784ac6d4b262dfe1e8
-
Size
1.6MB
-
Sample
240411-cxybqshh75
-
MD5
e23f8bb38485ae01345747d7ef4cfa06
-
SHA1
84e276ef8b3a302a43a10584f001816e1ab861a4
-
SHA256
c1861e61f16e7d2e8d3c1882a8e3ca5059ae294eab39c0784ac6d4b262dfe1e8
-
SHA512
bd8c40cee70ac1aef7ffd996f3dd164e92bf10228dcdcb3b5a9fc429390d3824b70b257007725c6201807a24db3fc48f9439f914efb0869c1a00c2f3c162331a
-
SSDEEP
24576:86Gj/chy9u8zPHGeSGjadTQdDqqskYwTb7a7qM+irMQKmPu0OhDNLd/:5mQaXzPHGeVgTqDvYwTb6qjQXPAD7
Static task
static1
Behavioral task
behavioral1
Sample
c1861e61f16e7d2e8d3c1882a8e3ca5059ae294eab39c0784ac6d4b262dfe1e8.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
c1861e61f16e7d2e8d3c1882a8e3ca5059ae294eab39c0784ac6d4b262dfe1e8.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Target
c1861e61f16e7d2e8d3c1882a8e3ca5059ae294eab39c0784ac6d4b262dfe1e8
Score
9/10
-
Detects executables containing possible sandbox analysis VM usernames
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-