General
-
Target
068fb7605542cd8350ed34ec2d767856.exe
-
Size
3.8MB
-
Sample
240529-jcdj6afh33
-
MD5
068fb7605542cd8350ed34ec2d767856
-
SHA1
0c3edb958e306394cd1203e731dc781155ab2e70
-
SHA256
977e96e9ae5faa6f44902dadddec67871aede5d7edef4e4be60b70146269b23d
-
SHA512
70328066f04c2a5250de300e8ca4445cee381c13e417f2516fc3dc739b56808971ef622afb962fbefc19689e079b78080065c653aaf28c1cbb0e5f398380f29d
-
SSDEEP
98304:ykLI1vX2oBOOsQ0UfDZ5IyvJZxeaxt29s4C1eH94:dI1vnyUfDZ5nhZvxt5o94
Static task
static1
Behavioral task
behavioral1
Sample
068fb7605542cd8350ed34ec2d767856.exe
Resource
win7-20240221-en
Malware Config
Targets
-
Target
068fb7605542cd8350ed34ec2d767856.exe
-
Detect Blackmoon payload
-
Gh0st RAT payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-