General
-
Target
2024-07-30_8fe90853aecc84d7ea2595910c0ff323_darkside
-
Size
159KB
-
Sample
240730-jav2esvelq
-
MD5
8fe90853aecc84d7ea2595910c0ff323
-
SHA1
f005b72d83bc292fad91b76bb5a82301d5a5b7a4
-
SHA256
01c81cc29fc455796042061fac08cca5a0f46b7c84c6ad84bb237cb13e29a6f6
-
SHA512
1ee220c70aedf1d13b6e62507ec18575fbe4179a462779f7f0ac7907d22d1b35a2ab67cd2a03f236dfd8886347970f03b3d7588dffd786e0033bb00118524207
-
SSDEEP
3072:NuJ9OlKolUa1U197bzhVsmftsR1dH4d1uza8aW3Brd:Nufj0zi1dNVsmftIl4YHbd
Behavioral task
behavioral1
Sample
2024-07-30_8fe90853aecc84d7ea2595910c0ff323_darkside.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
2024-07-30_8fe90853aecc84d7ea2595910c0ff323_darkside.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
2024-07-30_8fe90853aecc84d7ea2595910c0ff323_darkside
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-
Sets desktop wallpaper using registry
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-