General
Target: hit sync the kryhon4pm.exe
Size: 75.0MB
Sample: 240602-zndx3aff72
MD5: 2f26151ebf3a3804c239998fa482621d
SHA1: a10a1161ed337a069cf02dac22a2952dfe46bc81
SHA256: dd14793ef07cb6f73ead351e97aa7789629129501cc1f50a365e402ea937ae9a
SHA512: cce3e9775657f5b2d21738c99ffeed6f89f25baa383aa0e5ec6ce951d33791178c3c87c22988ee9407f347316007cb36ccb7ab9744fb26335bd294c623a206dc
SSDEEP: 1572864:W12PFEnLoJ+jO2hMNml/KUTG5JsMA9H4W1QULyBuxVxLjjJdp8joQ:WcPFE763UWsMA9H4W1QUmBu/NjjKoQ
Static task: static1
Behavioral task: behavioral1
  Sample: hit sync the kryhon4pm.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: hit sync the kryhon4pm.exe
  Resource: win10v2004-20240508-en
Malware Config
Targets
Score: 7/10
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2