Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
092b5317ed66c3d999ce9ac463a9e794a9b5edd1ca163647b2da96b381cb999d.zip
-
Size
5.3MB
-
Sample
240608-bdawnaff87
-
MD5
51ff059ffef3cb5ac629d7e804eefdd8
-
SHA1
9207acf17e2663a4c92aeb75f968d38a40c54f9e
-
SHA256
092b5317ed66c3d999ce9ac463a9e794a9b5edd1ca163647b2da96b381cb999d
-
SHA512
8ecf0cb35d0f266acbd94265f2f313293ad365f89b0209fa3236b767e7aea64ad5a75b1c3bb608ec86d5a7a032d6ba880fb57976afc631eb8c0fbbced521078f
-
SSDEEP
98304:R+jXXUiXX08wlAOPA7FxuthhGfGWuOS1HXLdu4qeMtTY7XftAWP6mdwQfOejCBL1:g7Uf8ZOIxUwE13ZKUXfC86mdw4OI+1
Static task
static1
Behavioral task
behavioral1
Sample
Update 124.0.6367.158.js
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
Update 124.0.6367.158.js
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
Update 124.0.6367.158.js
-
Size
3.5MB
-
MD5
11f2b271d98b6d8e2ad624af3c87a5a9
-
SHA1
5540bb84e6a9af516c01ad25eb5e1d9dd42a0e3c
-
SHA256
bea62cbac1011a303dae7d43eec61e9b31d80ea4c92cd0fa1d18a9a04e6a2541
-
SHA512
d984b0102b64bf3b027d9de54e56c9ee8f0ff87a373b97fd8546d9885f610b98e2a889efa1d994b2f0775d56e12a0912e83a16fd258c2680e8cf27c8a12231e4
-
SSDEEP
49152:paZYOjByI+BJ8V6tlBDBFvLBLtmpf+T2vPHr+Z3jb4WsjcqTbsPF5xhyMa81qIdi:Q
Score10/10-
NetSupport
NetSupport is a remote access tool sold as a legitimate system administration software.
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-