Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

HorrorRNGInst.exe

windows7-x64

3

HorrorRNGInst.exe

windows10-2004-x64

8

Resubmissions

11/08/2024, 15:05

240811-sgd6xsvcjl 8

11/08/2024, 15:01

240811-sd1kravbkm 8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    HorrorRNGInst.exe

  • Size

    89KB

  • Sample

    240811-sd1kravbkm

  • MD5

    958be1157871fd8c546e4992cf55713b

  • SHA1

    dcc2fc1dc846cfa87ec29e8fe5c92603e4a895aa

  • SHA256

    f67f239010aabb32ecb3fc0e578b1faf105072feee6e352f0b385e8d405038de

  • SHA512

    d046a68472108430ee5c8f69d5ed9c3474d2f09881f3c8f344b551b3899c44bbf63d6632783354f9370e4dbefb81a597fcd1fb9baf7c1d2487bbfdea132aaba6

  • SSDEEP

    1536:H7fbN3eEDhDPA/pICdUkbBtW7upvaLU0bI5taxKo0IOlnToIfCw6Op:b7DhdC6kzWypvaQ0FxyNTBfCa

Score
8/10
discoveryexecution

Malware Config

Targets

    • Target

      HorrorRNGInst.exe

    • Size

      89KB

    • MD5

      958be1157871fd8c546e4992cf55713b

    • SHA1

      dcc2fc1dc846cfa87ec29e8fe5c92603e4a895aa

    • SHA256

      f67f239010aabb32ecb3fc0e578b1faf105072feee6e352f0b385e8d405038de

    • SHA512

      d046a68472108430ee5c8f69d5ed9c3474d2f09881f3c8f344b551b3899c44bbf63d6632783354f9370e4dbefb81a597fcd1fb9baf7c1d2487bbfdea132aaba6

    • SSDEEP

      1536:H7fbN3eEDhDPA/pICdUkbBtW7upvaLU0bI5taxKo0IOlnToIfCw6Op:b7DhdC6kzWypvaQ0FxyNTBfCa

    Score
    8/10
    discoveryexecution

    • Blocklisted process makes network request

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks