General
-
Target
sample
-
Size
20KB
-
Sample
240420-n81f1sgd29
-
MD5
8f38eeee5cf9d6712f6eb9e4c43f293d
-
SHA1
c27a28463b3e804d50ae91cead6a427fbfff7ef2
-
SHA256
e368c1bc562c0f4769de6f52d934a4bac97ad6d5c6e7d84d6e3d8ddf59b3f3d4
-
SHA512
b3bded141d5748c1cf08f573d1ac73173e52dd3d236f2b4f5d7bc987c95a55d50c0d4d84b5f34a1131a418d7a9005bcdc39b3f2109ab7347d18316f1cd0df34d
-
SSDEEP
384:rL0fFJw5xednDpmReVoOs4Ci9ylKeGM0Uukf5HhhbUg0bM7UjS2LjFrSnT+7VJCg:rL0fFJgGnBVoOs4CmyI1MQkf5BhbFpUX
Static task
static1
Behavioral task
behavioral1
Sample
sample.html
Resource
win10v2004-20240412-en
Malware Config
Targets
Target
sample
-
Score
7/10
-
Executes dropped EXE
-
Loads dropped DLL
-
Registers COM server for autorun
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-