Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
ScreenConnect.ClientSetup.exe
-
Size
5.2MB
-
Sample
240514-xxgn7scd95
-
MD5
5100c35ddc2ca0709857fa1b93e2fd6d
-
SHA1
d71cbdb3e8729cc071f20b86f3cdc534da93a880
-
SHA256
585af37e89555cdf0398a491a67f0c501f97c1d9f1ca47569f134b2a4aa6f614
-
SHA512
a50e2211e83d920e08e2c5030e2ff35e90905a7039b513a0ddd26b8eb8b19de0da5ee0c71da159c78ca082b4758926726257b8d5ce6fc505e4e6ef79d59d3202
-
SSDEEP
98304:3ps6efPfBOPvLtabi4X0MV+dYdcGt7VIb4:ZfefPJws3V+a
Static task
static1
Behavioral task
behavioral1
Sample
ScreenConnect.ClientSetup.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
ScreenConnect.ClientSetup.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
ScreenConnect.ClientSetup.exe
Resource
win11-20240508-en
Malware Config
Targets
-
-
Target
ScreenConnect.ClientSetup.exe
-
Size
5.2MB
-
MD5
5100c35ddc2ca0709857fa1b93e2fd6d
-
SHA1
d71cbdb3e8729cc071f20b86f3cdc534da93a880
-
SHA256
585af37e89555cdf0398a491a67f0c501f97c1d9f1ca47569f134b2a4aa6f614
-
SHA512
a50e2211e83d920e08e2c5030e2ff35e90905a7039b513a0ddd26b8eb8b19de0da5ee0c71da159c78ca082b4758926726257b8d5ce6fc505e4e6ef79d59d3202
-
SSDEEP
98304:3ps6efPfBOPvLtabi4X0MV+dYdcGt7VIb4:ZfefPJws3V+a
Score8/10-
Sets service image path in registry
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops file in System32 directory
-