General
Target: RCO.exe
Size: 222KB
Sample: 240602-rkscaaed9t
MD5: 50f1747ff799c7570724b8b8f7067edd
SHA1: a2184575ca32414f5befc2fb144f04bf8489c10f
SHA256: 93f24a17c16b1e18b9e7945c9977300409a397ad3e85dc240bc339f8e9c63673
SHA512: 98972b222f3f00ee6220870dc8b81e89cb3e07a951e040c775b056db332b827127ebde495cb90adb4341f2c1296308c6cd05a0e65abc334f0340143ba0d9b4ad
SSDEEP: 6144:FBlkZvaF4NTBma7zzALBp7VMfct/hSKUKq438eskP:FoSWNTskzALPtt/Bj38eN
Static task: static1
Behavioral task: behavioral1
Sample: RCO.exe
Resource: win10-20240404-uk
Malware Config
Extracted
https://raw.githubusercontent.com/o5u3/Roblox-Client-Optimizer/version/latestversion
Targets
Target: RCO.exe
Score: 10/10
Blocklisted process makes network request
Legitimate hosting services abused for malware hosting/C2