Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
Document 240000807.exe
-
Size
1009KB
-
Sample
240807-bl765azepf
-
MD5
2fc319277fc5b4a422ee4061a9efb654
-
SHA1
21d125d5fea94d4a12327777fe209f50588fc82f
-
SHA256
94234a613eee42af83965884973b29b57e30ef77106535fd6b3b1efb9d7f2ae3
-
SHA512
76a5e5db7b6b1a8556f89caa0a76511ff0f6d2d3acd62e7ae2105b6a3b479e6145b800b49ac93844a8582eb2c67337368a08887a0899da7bb83a80ad514fd6d9
-
SSDEEP
24576:4tVbi/AS9oZaFzl37Btwo6sdKKFcLIF/gsuQ8u4k5TWkC6j:CViAS9oZCBt3dKKSy49WlWk7
Static task
static1
Behavioral task
behavioral1
Sample
Document 240000807.exe
Resource
win7-20240729-en
Malware Config
Targets
-
-
Target
Document 240000807.exe
-
Size
1009KB
-
MD5
2fc319277fc5b4a422ee4061a9efb654
-
SHA1
21d125d5fea94d4a12327777fe209f50588fc82f
-
SHA256
94234a613eee42af83965884973b29b57e30ef77106535fd6b3b1efb9d7f2ae3
-
SHA512
76a5e5db7b6b1a8556f89caa0a76511ff0f6d2d3acd62e7ae2105b6a3b479e6145b800b49ac93844a8582eb2c67337368a08887a0899da7bb83a80ad514fd6d9
-
SSDEEP
24576:4tVbi/AS9oZaFzl37Btwo6sdKKFcLIF/gsuQ8u4k5TWkC6j:CViAS9oZCBt3dKKSy49WlWk7
-
Command and Scripting Interpreter: PowerShell
Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-