Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
FoxiWare W11 Support.rar
-
Size
682KB
-
Sample
240426-nevnnsfb9z
-
MD5
6dde9d167b55c0945de83eb8b518e75d
-
SHA1
463dfa8f5c6dd774cc05f9ca0cbb6e3d7c981218
-
SHA256
bcc9b82f4b261b15c94e811e3375734b568412b81ae90e5a3ed5a823e8ba9b79
-
SHA512
1852d44fe1ec0db03a76f3c665f82a171cbde3a19f467254239acb214e68fec9dfdcb7db0e6acabc8505402940a4d6b907f7ef18ece0fd38571142db9a62e306
-
SSDEEP
12288:zq+PSawQjRvM8ZJxbYLVMUzZ+GxfamFjY/RSSjiV9dMMkc5u:eTO5YLVMUImJuRsVJkr
Malware Config
Targets
-
-
Target
FoxiWare W11 Support.rar
-
Size
682KB
-
MD5
6dde9d167b55c0945de83eb8b518e75d
-
SHA1
463dfa8f5c6dd774cc05f9ca0cbb6e3d7c981218
-
SHA256
bcc9b82f4b261b15c94e811e3375734b568412b81ae90e5a3ed5a823e8ba9b79
-
SHA512
1852d44fe1ec0db03a76f3c665f82a171cbde3a19f467254239acb214e68fec9dfdcb7db0e6acabc8505402940a4d6b907f7ef18ece0fd38571142db9a62e306
-
SSDEEP
12288:zq+PSawQjRvM8ZJxbYLVMUzZ+GxfamFjY/RSSjiV9dMMkc5u:eTO5YLVMUImJuRsVJkr
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
-
-
Target
foxiwareW11.exe
-
Size
1.6MB
-
MD5
17b550ff809630eed75bd02f149fb881
-
SHA1
32ba526b8e17bd93381e551646edf69f241b12f5
-
SHA256
684456b75ff984be0b747aebfdd4f817fe83d82d9a998eefc07eaf6872a17070
-
SHA512
6aae3d1e9354b268bb314961ba26bee5b11e0f6298607554b3b10ef85ac4928f9fca61e2ab82eff8a6a80b2406733c013c027dcd138434729b788242219f406c
-
SSDEEP
24576:73q9ZgAzI8wPurmVcwOO2mvJItTD3pehNoSLGydY/AvS1L68PuUgKzj:TqL7zI8wORwf9vQTVANYIvSB68P
Score1/10 -