General
Target: 7700a37bbfb2243c94b721449cc69b7f.bin
Size: 49KB
Sample: 240428-bt5qzadd2x
MD5: f05477a278060e53cd5a3e6be9ce26ff
SHA1: 8fcd1f375d45bf1c4c8743202f9c3388cec05352
SHA256: cd20ff18791a007f0cf3d36fb4dccdf9cdbb8132f9b9be5d099c487dfa0fdbf5
SHA512: 96ca866979bbad47ea571a842246d5a10370643991484113a14f74d570f53dc92de667dcdd32334b7028de1bbccf2ccd1d05eaf7c6dabbf210eb30deb416d9d8
SSDEEP: 1536:a09h6bl3pjqqxlQ8pOPEhvEre0934MtkN+qSdC:aPjqeltpOPENcB9IKkN+xC
Static task: static1
Behavioral task: behavioral1
Sample: 655de8d3db5fbb1b2c4a57bb403f01070bf044c9afe2c4d6f7f25c2c765d87f7.wsf
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 655de8d3db5fbb1b2c4a57bb403f01070bf044c9afe2c4d6f7f25c2c765d87f7.wsf
Resource: win10v2004-20240426-en
Malware Config
Targets
Target: 655de8d3db5fbb1b2c4a57bb403f01070bf044c9afe2c4d6f7f25c2c765d87f7.wsf
Size: 109KB
MD5: 7700a37bbfb2243c94b721449cc69b7f
SHA1: bc4e02172bfd1b919672b7480a8ddc5ad439ce9a
SHA256: 655de8d3db5fbb1b2c4a57bb403f01070bf044c9afe2c4d6f7f25c2c765d87f7
SHA512: 014ec05586005b0a10648830a32ee8616c8ed83ae0469a89da4bd3f3ee5f280a8a91f59ed99338015c1e95c10b6ea9ff11616b53f809ce8e6232edf52a854506
SSDEEP: 3072:KI9rv8awfhzzoNWI1Qe3OjVK3EyQaeCamHaXQyKpgRpYCw+YtavFUJRoW6S:KWrvWhzzUn1Qe3OjVK3EyQvCamHaXQyM
Score: 8/10
- Adds policy Run key to start application
- Blocklisted process makes network request
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
- Suspicious use of NtCreateThreadExHideFromDebugger
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext