Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
e097bb2d81f298f00366c9f679fb1fe68276dad5417ce09f7802f248bbc54089
-
Size
12KB
-
Sample
240522-vajh6she54
-
MD5
16e673ea543292122cfe9db64dca1f9c
-
SHA1
11745eedf398b7f4f33f7e26cd92ecfa17ae89fe
-
SHA256
e097bb2d81f298f00366c9f679fb1fe68276dad5417ce09f7802f248bbc54089
-
SHA512
a9d9f28364ba5832eaaae9979cde9f6bf1730ed296187dfd5a46975d624ec628b51d1dc190930b269fbb568cc1db42c2c10a21f8bd72b1c0966e67e501a5ce97
-
SSDEEP
192:RL29RBzDzeobchBj8JONlONsVruFrEPEjr7AhuN:h29jnbcvYJOmWuFvr7Cq
Static task
static1
Behavioral task
behavioral1
Sample
e097bb2d81f298f00366c9f679fb1fe68276dad5417ce09f7802f248bbc54089.xll
Resource
win10v2004-20240426-en
Behavioral task
behavioral2
Sample
e097bb2d81f298f00366c9f679fb1fe68276dad5417ce09f7802f248bbc54089.xll
Resource
win11-20240426-en
Malware Config
Extracted
Targets
-
-
Target
e097bb2d81f298f00366c9f679fb1fe68276dad5417ce09f7802f248bbc54089
-
Size
12KB
-
MD5
16e673ea543292122cfe9db64dca1f9c
-
SHA1
11745eedf398b7f4f33f7e26cd92ecfa17ae89fe
-
SHA256
e097bb2d81f298f00366c9f679fb1fe68276dad5417ce09f7802f248bbc54089
-
SHA512
a9d9f28364ba5832eaaae9979cde9f6bf1730ed296187dfd5a46975d624ec628b51d1dc190930b269fbb568cc1db42c2c10a21f8bd72b1c0966e67e501a5ce97
-
SSDEEP
192:RL29RBzDzeobchBj8JONlONsVruFrEPEjr7AhuN:h29jnbcvYJOmWuFvr7Cq
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-