Resubmissions
29/05/2024, 05:32
240529-f8gpxach46 8
General
Target: PO-2024-SGL-014.exe
Size: 729KB
Sample: 240529-f86zssch68
MD5: d7bfd4fbd63b24a8848b0179ea7ad1e3
SHA1: d82909d8315d72f13e0800cf2c8b8d714a08d87e
SHA256: 598e01cb5243265105853c0c275853142f95f34a1f21f339903d26a5878ef6f4
SHA512: dad5e88c8223f8544111bc362e6888a34777691d20b0946361b263837186a0236df63d4e3c4f9802f990e5e85481558426e658684dc8dd58af83f3cde47a3740
SSDEEP: 12288:QnGihafKwYuHKtulnV9QVGRdGn6ZXfmZCdR28WPZ/krFExy/oK0jHbX+56ezb2uF:iuHQulVe6Gn6ZeDPSrWMQK0jHLRGjs45
Static task: static1
Behavioral task: behavioral1
Sample: PO-2024-SGL-014.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: PO-2024-SGL-014.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: PO-2024-SGL-014.exe
Score: 8/10
Command and Scripting Interpreter: PowerShell
Runs PowerShell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.

Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.

Suspicious use of SetThreadContext