General
Target: 4daf3337d05daaafe0f71b6075b53a17f191fa229848ccb2209db3f77421e0c6
Size: 5.5MB
Sample: 240626-jqvetswfnp
MD5: f67e33f48a1cef22ec4ff037fc2da7c2
SHA1: a7d454e86ccf547561d5bf13d2eea1d471417d5d
SHA256: 4daf3337d05daaafe0f71b6075b53a17f191fa229848ccb2209db3f77421e0c6
SHA512: 6bef7e7c412b5f5eb8bd3a00b72e6613822b4333bf5472b2d83f0cdcb25e12bd8fc2bc1cc5aa9c4b872a7dc1876eabdd6b20ad581c4a74a365ae00e4fcbf76a5
SSDEEP: 98304:scfIsbtk1BPhunFhHAX90PE0PRo0PEvxVxvG5:scfIs5kVuntbFoxVq
Static task: static1
Behavioral task: behavioral1
Sample: 4daf3337d05daaafe0f71b6075b53a17f191fa229848ccb2209db3f77421e0c6.exe
Resource: win7-20240220-en
Malware Config
Extracted
amadey
3.84
5ce0ac
http://188.40.122.96
install_dir: 49f0160cce
install_file: npsvga64.exe
strings_key: 70a1c4e95eebaa55338904ea274fdd6e
url_paths: /9bDc8sQ/index.php
Targets
Target: 4daf3337d05daaafe0f71b6075b53a17f191fa229848ccb2209db3f77421e0c6
Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Loads dropped DLL