General
Target: sample
Size: 19KB
Sample: 240513-yn9jasbf5w
MD5: 20f94e0fec19560a3addbd00d6e74d47
SHA1: 0e6216c71cfbdefb6f3c9980583cabcfc7df0619
SHA256: b6c1a86d45d6f3c4ad75146d64e8d650de0449f2cb3ab280d62ecce86f07aff3
SHA512: 3e6f52b3c379335c41c15ae92ecbf809edf75640976457e075412db6d1b9802256fc6b1032bf7ef5862ca9cb798712f5d833c3b2abccc7c625b6fc2875c48ccd
SSDEEP: 384:rY8DpmReVoOs4Xi9ylKeGMpU8HhhbVck7aJo2paWhOwob0Vnp2IJCgMmVn:rTBVoOs4XmyI1M9Bhb2yaIWhOwob0Vpt
Static task: static1
Behavioral task: behavioral1
  Sample: sample.html
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: sample.html
  Resource: win10v2004-20240426-en
Malware Config
Targets
Target: sample
Size: 19KB
Score: 8/10
Downloads MZ/PE file
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
Drops file in System32 directory