General
Target: af3d9ef9c57bf0c4c7deadf0edd94c65b5fb106209960a4696a246313a3fd354
Size: 377KB
Sample: 240417-dhtwfadd7x
MD5: 34ffc06a42d4db6f883a10650a5f5263
SHA1: 99d53ccead2be811d25c78fcf4d123484742fdb4
SHA256: af3d9ef9c57bf0c4c7deadf0edd94c65b5fb106209960a4696a246313a3fd354
SHA512: 96f10261a4e51764f39a0cec8fe844ce468981e4b21e22e0ef4f02a0e06cd6402ddcfefb30e230f645b3766b9832234cc4fcad23f9cacf62779fd80b8ac98ed7
SSDEEP: 6144:CjluQoSIIo5Rrm6y1iZeineIN/KE6/o3gY6XaEa4U7ZAgzmfc63dSQwYiF1ESfxt:CEQoSse6y1iZeinjKE6/NrXitdzmfZ3O
Behavioral task: behavioral1
Sample: af3d9ef9c57bf0c4c7deadf0edd94c65b5fb106209960a4696a246313a3fd354.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: af3d9ef9c57bf0c4c7deadf0edd94c65b5fb106209960a4696a246313a3fd354.exe
Resource: win10v2004-20240412-en
Malware Config
Targets
Score: 9/10
- Detects executables containing possible sandbox analysis VM usernames
- UPX dump on OEP (original entry point)
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory