General
-
Target
d3c70aad6b05c8e6f4d78dcd3adc10973bba148980c1acd2b1252bf5c2d549b1
-
Size
1.9MB
-
Sample
240416-cwsd4afb99
-
MD5
6118821615938e49bb9f714ca248668d
-
SHA1
0117cd3f90406472c8d2d65e50cf77fd4e1741e4
-
SHA256
d3c70aad6b05c8e6f4d78dcd3adc10973bba148980c1acd2b1252bf5c2d549b1
-
SHA512
1f22f6909c95d7fec03014357de82554286737cadfbdc12060234740f6bc9a61273c79c613dd473da5ff7e2c517c331590db21e11fc5e3915a5bebe71a12626e
-
SSDEEP
49152:d22WklVa2fFf/PSZuMtnDeBWRI7r3zHgIkM+K/elTmKbOx6R2yQj:HWAaIf/PuxeYRIfjhkM+KuiKbOx62yq
Behavioral task
behavioral1
Sample
d3c70aad6b05c8e6f4d78dcd3adc10973bba148980c1acd2b1252bf5c2d549b1.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
d3c70aad6b05c8e6f4d78dcd3adc10973bba148980c1acd2b1252bf5c2d549b1.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
d3c70aad6b05c8e6f4d78dcd3adc10973bba148980c1acd2b1252bf5c2d549b1
-
Score
9/10
-
Detects executables containing possible sandbox analysis VM usernames
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-