General
- Target: UnderWars.rar
- Size: 74.4MB
- Sample: 240421-r8y5qseb2z
- MD5: c90d343e960c2a7773097bfd4075f2f5
- SHA1: 79d68e67e2aea53f9d3c5a0ae58262cd28bba0f0
- SHA256: e0005227c3c8d598d73108b95758f2a64cc92305614bb111d5e9526a1201ed81
- SHA512: bee3c872ac104dcac82453b09307620834fa4045b1d0325ad4785585ad57199b49177360c895ce7486861d0fe1dce02d3e5642c97990bbb646a6f4ebeceb9fce
- SSDEEP: 1572864:2g6LBYKH0aXsYQi2Jrydy7gJnsI0SNcucgzxTMWIyXYQ9:2juWcR3rEy8JnsqN0QMWV
Static task
- static1
Behavioral task
- behavioral1 (Sample: UnderWars.exe, Resource: win7-20240221-en)
- behavioral2 (Sample: UnderWars.exe, Resource: win10-20240404-en)
- behavioral3 (Sample: UnderWars.exe, Resource: win10v2004-20240412-en)
Malware Config
Targets
- Target: UnderWars.exe
- Size: 74.4MB
- MD5: 07459ba6359ffa670886e62d763f6614
- SHA1: 3f582004f412cea04e164256f1268e2341a0a750
- SHA256: 7ab82c1ffa37f1538594cc5ad56f6dd047baf2c30bfcce614f1ad28b56196d35
- SHA512: 5c6b6ab9a73a11702fcffeae3b6eb72b6e30870d14da36b2232e6fd53579960e166fb948d9576768fee2504273d60607c097f9220007486b4c62b7ac89d83bba
- SSDEEP: 1572864:rg6LBYKH0aXsYQi2Jrydy7gJnsI0SNcucgzxTMWIyXYQ:rjuWcR3rEy8JnsqN0QMW
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.