General
Target: pic.exe
Size: 111.2MB
Sample: 240514-wdb4yahb38
MD5: 9619c3daaf9bdfdaf8e1d71d8ff7709c
SHA1: dfbd49422dbb0860e7a00bf58521f5e03f75060a
SHA256: 706ccf2efe020871260fba69c23ebcb6320defc1fff425427d6d729ab7169285
SHA512: cf98e8a8edf23f23c7602f49ff88ec17475dec1831405fb2ed9f053345bcc13cff62415b12f467f3907d39a7c23d2291523aed4f663a593ec89c4d62013bf2c0
SSDEEP: 3145728:BIgYRPSC++6y9JXJJXt/VG6RmtCRlGPrFT2qHO5i2KGaS1J:BIxaC4y95L5mERlurHCi2+y
Behavioral task
behavioral1
Sample: pic.exe
Resource: win11-20240508-en
Malware Config
Targets
- Downloads MZ/PE file
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.
- Sets desktop wallpaper using registry