General
-
Target
56c6cd18e30f501337a993bc99e2ecb478b07d7f0bf81da6a34d8a10c684c3a3
-
Size
1.4MB
-
Sample
240419-1myrhshb7y
-
MD5
a25866283db6311bf1ca62bc2c104010
-
SHA1
3ae2f477f007d5caf0c63d2801e66d73af9a8f9d
-
SHA256
56c6cd18e30f501337a993bc99e2ecb478b07d7f0bf81da6a34d8a10c684c3a3
-
SHA512
f02edccc3e15cbde06f5263cc271788a6e4b817e538a09320c4aac08b5f22d7953d0abc169928e780e2db940f0bd227ed84bd634761ff3443ef4562a37739943
-
SSDEEP
24576:Yiqtn333hbWJTz/chumixHq9J1W0C8/atbVRkhrGZ75KelIxfVlDinaGrEWiLwJT:x6n33xc/cn0Kj1WXHRYrGZFKjbAaGcLA
Behavioral task
behavioral1
Sample
56c6cd18e30f501337a993bc99e2ecb478b07d7f0bf81da6a34d8a10c684c3a3.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
56c6cd18e30f501337a993bc99e2ecb478b07d7f0bf81da6a34d8a10c684c3a3.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
56c6cd18e30f501337a993bc99e2ecb478b07d7f0bf81da6a34d8a10c684c3a3
-
Score
9/10
-
Detects executables containing possible sandbox analysis VM usernames
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-