Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
384878ff8e9a05c478c0dd94754ac0da2d8d33fdbb6d51334f0de55e17c0be45
-
Size
717KB
-
Sample
240606-1fd4jadd98
-
MD5
9cb8a4bb063d742711a7dc0cedf4497f
-
SHA1
5a24cffc87332cdf5e25f6654bfe060e37bcf39e
-
SHA256
384878ff8e9a05c478c0dd94754ac0da2d8d33fdbb6d51334f0de55e17c0be45
-
SHA512
d12a2f2adb1cef052d18156973d6c0ca14242c6d62646a34457b498495bd7a283b136ef0cda6a27f53aa2b2b5ac560fba62d520b8f6a2439987d2a35188a387d
-
SSDEEP
12288:q34O+O4KNr+uX7JqP3y+pSETbo3LJGWwcH3gKxvZOpQIO+o1+VDfh1+Nt6gfMSNv:q3lCuLii+pLWLJFGKxvTIboIVDfj8t6+
Static task
static1
Behavioral task
behavioral1
Sample
384878ff8e9a05c478c0dd94754ac0da2d8d33fdbb6d51334f0de55e17c0be45.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
384878ff8e9a05c478c0dd94754ac0da2d8d33fdbb6d51334f0de55e17c0be45.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
384878ff8e9a05c478c0dd94754ac0da2d8d33fdbb6d51334f0de55e17c0be45
-
Size
717KB
-
MD5
9cb8a4bb063d742711a7dc0cedf4497f
-
SHA1
5a24cffc87332cdf5e25f6654bfe060e37bcf39e
-
SHA256
384878ff8e9a05c478c0dd94754ac0da2d8d33fdbb6d51334f0de55e17c0be45
-
SHA512
d12a2f2adb1cef052d18156973d6c0ca14242c6d62646a34457b498495bd7a283b136ef0cda6a27f53aa2b2b5ac560fba62d520b8f6a2439987d2a35188a387d
-
SSDEEP
12288:q34O+O4KNr+uX7JqP3y+pSETbo3LJGWwcH3gKxvZOpQIO+o1+VDfh1+Nt6gfMSNv:q3lCuLii+pLWLJFGKxvTIboIVDfj8t6+
Score8/10-
Command and Scripting Interpreter: PowerShell
Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-