General
-
Target
Ro-Exec_Crack_Fixed_UnpackFolderFirst.zip
-
Size
226KB
-
Sample
240421-jkjq5sed26
-
MD5
d7bcb4c5e87face12e76e252b6213afd
-
SHA1
f0d57fb10c0f04527426f7e2207ff49f017c9960
-
SHA256
14502837fbc8af5585ca9be4fe6a2bedb2819e57e9e3ce3227359d1079a4e4c0
-
SHA512
6a766aca5c53ad3c4b9492d84d97161109a5368a128d120a35c67ef79d6f87a9e3f53cf82faeca8c5d3e6285e1ed984656a76eb22917edc48e9235640223f093
-
SSDEEP
6144:J3Cfw2c593O9Hh2Sv8B8lv1sErmCUlgN/SRviu2oVf1ar8l+:Jyfs59+r2cA8Vxrmllgdw6QVNX+
Static task
static1
Behavioral task
behavioral1
Sample
Ro-Exec_Crack_Fixed_UnpackFolderFirst.zip
Resource
win10v2004-20240412-en
Behavioral task
behavioral2
Sample
Ro-Exec_Crack_Fixed_UnpackFolderFirst.zip
Resource
win11-20240412-en
Malware Config
Targets
-
-
Target
Ro-Exec_Crack_Fixed_UnpackFolderFirst.zip
-
Score
8/10
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Registers COM server for autorun
-
Adds Run key to start application
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-