General
-
Target
805211cc2830d787e6dcf1845bf5c7da421a25cd7cf93197aaa470166b9d2b45
-
Size
352KB
-
Sample
240505-bnf6esdb95
-
MD5
9d803a16241a6009ddd3c593d8c06bde
-
SHA1
3231386f0d741c36cc2f83f6b383540045648824
-
SHA256
805211cc2830d787e6dcf1845bf5c7da421a25cd7cf93197aaa470166b9d2b45
-
SHA512
e652d56441bece92df2a85fd8644ecff2b30ff7ba5554f4f4e651331a793fa2829ba80cf414fa77e91e1a5a130755bc1f964217c653885559c5ce729cbad2d30
-
SSDEEP
6144:RIs9OKofHfHTXQLzgvnzHPowYbvrjD/L7QPbg/Dr0T3rnXLHf7zjPFsEPAsKCe8i:oKofHfHTXQLzgvnzHPowYbvrjD/L7QPs
Static task
static1
Behavioral task
behavioral1
Sample
805211cc2830d787e6dcf1845bf5c7da421a25cd7cf93197aaa470166b9d2b45.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
805211cc2830d787e6dcf1845bf5c7da421a25cd7cf93197aaa470166b9d2b45.exe
Resource
win10v2004-20240419-en
Malware Config
Targets
Score 9/10
-
UPX dump on OEP (original entry point)
-
Drops file in Drivers directory
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Drops file in System32 directory
-