General
-
Target
#^FulL_PcSetUp_2025_Pas$W0rd$.zip
-
Size
12.4MB
-
Sample
240619-ym1vrsygkh
-
MD5
ab9a433a8dfe29b80efc4dd932561408
-
SHA1
4fe74323dfea3bf43f8697ba2236fae01a1b6a42
-
SHA256
5ba092e36081a762824cbeb5871a29124c6fe01cf3f3a9a567aee17162975819
-
SHA512
0c594685cf690885e31b212db6ff84619785d0b900a48a4a6c48c2ed7713e3cd93b9cf01ff707b10b7d7b4eaf1e68463b0cbb37aa9ae827a772301d432eb75dc
-
SSDEEP
196608:JXnmByFf97x4qWHMqglxM6k6KPeSOG/x5MAWhVIuPHU+6F/BWdbhxUBLmGoE7+/D:6yFfsqKzgJe1X/KV1UxFJederyL
Static task
static1
Behavioral task
behavioral1
Sample
#^FulL_PcSetUp_2025_Pas$W0rd$/Setup.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
#^FulL_PcSetUp_2025_Pas$W0rd$/Setup.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
#^FulL_PcSetUp_2025_Pas$W0rd$/Setup.exe
Resource
win11-20240419-en
Malware Config
Extracted
lumma
Targets
-
-
Target
#^FulL_PcSetUp_2025_Pas$W0rd$/Setup.exe
-
Size
25.3MB
-
MD5
30b0026d73559a579790bfcbf420c860
-
SHA1
3c046bfa0fc9fb4182a73ae644623d3a533799a0
-
SHA256
5b62a7ad41c986edbb249112793628eb2f2679cfdccf9ae23b3c12cc7baa4c4e
-
SHA512
315893a856b7230d5d88b923898fc24e3c7e48cdffd2e7a689ef1ff5d94baabc4ab75fbc3824a9cbbd52ff67652a64b8f6f39a2d3fad8a8428f18fbea7e27766
-
SSDEEP
393216:d9jmwJGRFpRdOupOibnGa3dTYDqAp6tn9cTfCq:bjLibGmTYItnJq
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-