General
Target: 2b5e1997f1026570d8db38cfeb5618bcc09e2298d865b044b4f67e8390f1d279
Size: 458KB
Sample: 240813-x3q5ts1hpc
MD5: 8de9fe2c9de2d9dca0558ef1ed3f1a37
SHA1: ca5f72592a95218a16e81bf51943fd9c96a88b86
SHA256: 2b5e1997f1026570d8db38cfeb5618bcc09e2298d865b044b4f67e8390f1d279
SHA512: 58feadee3216f79a54ca07b054b79f6a7ba94d8ad1aac5cb5ad27fdc72be2dfc20db01010ca7c578b93c33a053f1a6255e3b95a3b9dab7d9dd1fbef844456760
SSDEEP: 12288:B6ykouJZdyb2SkyGhd5ocRViolXjX4BjvrEH7MH:Qyjmoky85DRgolXj6rEH7MH
Static task: static1
Behavioral task: behavioral1
Sample: 2b5e1997f1026570d8db38cfeb5618bcc09e2298d865b044b4f67e8390f1d279.exe
Resource: win7-20240708-en
Malware Config
Targets
Target: 2b5e1997f1026570d8db38cfeb5618bcc09e2298d865b044b4f67e8390f1d279
Detects Floxif payload

Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.

Loads dropped DLL

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.