General
-
Target
Wireshark-4.2.4-x64.exe
-
Size
82.5MB
-
Sample
240501-p33vmafb9y
-
MD5
c38012af36b2f24cf15f971e62e08d87
-
SHA1
caa0849461201937fa995afc5d2b80986c506891
-
SHA256
b621718ffe64748590ea9568fbbed0f3d86b0939906dc9f7fe064e20ce385492
-
SHA512
84f1da60f8f974ccc24bbf054a40d6380865707d51401a70a19bc2d5e8a271fd68abce1b5fd14fd339cee57729e908e0aec70d7f5fb3046b03b183da4b233784
-
SSDEEP
1572864:qgwkqSnN5BNMnT8RjmZq2j+efj6e1u4lQ2D9jdd840ownGiwDNPjPrnrLYA:qgVqSbBinu6q2j+ixu4lQU8XhwD5PJ
Behavioral task
behavioral1
Sample
Wireshark-4.2.4-x64.exe
Resource
win10-20240404-en
Malware Config
Targets
-
-
Target
Wireshark-4.2.4-x64.exe
-
Score
9/10
-
Checks for common network interception software
Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
-
Adds Run key to start application
-
Blocklisted process makes network request
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-