General
-
Target
PID.Key.Checker.zip
-
Size
9.8MB
-
Sample
240819-2xgfnavajp
-
MD5
d9ce6a2a781ad9f9a8af3ba4be5b6a97
-
SHA1
af930244881612133104d8a717242542c739f44a
-
SHA256
99262ab91de9e9ddcab93e1f3f67cf356cbdb11bff959a05a51abbe1562f2366
-
SHA512
d24ec5d172528585a56f9f9fc609bd31b0d5552bf671ea6fb28a29c61caa9c4cbd94415a80cc4417672cf11425b86d15de03e038ddc5fca832cc707e6e152608
-
SSDEEP
196608:ZurEAMcmPIaPhnCxylwa+0YAmH+BI5/kIhEHR+IfMlUBcf0+DgagAos0apc8:Zur9MIqqtH++9ex7fMlUY0+7tS8
Static task: static1
Behavioral task: behavioral1, Sample: PID Key Checker/AutomaticUpdater.dll, Resource: win7-20240704-en
Behavioral task: behavioral2, Sample: PID Key Checker/AutomaticUpdater.dll, Resource: win10v2004-20240802-en
Behavioral task: behavioral3, Sample: PID Key Checker/PID Key Checker.exe, Resource: win7-20240708-en
Behavioral task: behavioral4, Sample: PID Key Checker/PID Key Checker.exe, Resource: win10v2004-20240802-en
Behavioral task: behavioral5, Sample: PID Key Checker/pidgenx.dll, Resource: win10v2004-20240802-en
Behavioral task: behavioral6, Sample: PID Key Checker/wyUpdate.exe, Resource: win7-20240705-en
Behavioral task: behavioral7, Sample: PID Key Checker/wyUpdate.exe, Resource: win10v2004-20240802-en
Malware Config
Targets
-
Target
PID Key Checker/AutomaticUpdater.dll
-
Size
82KB
-
MD5
2863fe94130e9c2e83198f64d328bb9e
-
SHA1
5f6427275fb25459ab877182f1d2dd82b6423f11
-
SHA256
80e08b87c32e5d4090fc3b08657d98f5aaac4c60b275adcc69b026829ccf3b1b
-
SHA512
ef38b2398ca062ea81859aafc5ce752560752627ad76e412b8659f18c0630b15aa03f8824b63a9fb4cdcd74dff5eaee24ea9af26c7401bca5619656ded2e371d
-
SSDEEP
1536:Pw8kFf++WXqyuUtSzgH0AIryrsfSv8yfe+gOVrFc9cui0o8CO0O:Pgf+rXUUtSzLVpyfe+ggFc9cui0osT
Score 1/10
-
Target
PID Key Checker/PID Key Checker.exe
-
Size
9.7MB
-
MD5
cfae82ef8329044b196c682444c2060e
-
SHA1
e7bdd49030e7a6b8efef1a4201e95f2a385a06f6
-
SHA256
22fc1ce3806264ff01abc40e818a70bc467027b9dea29422a362d15e48e108bd
-
SHA512
783ae2588d9a557be59eabe4107e0fdd7c97f3173f3e11bb4ade53c19e16d8497a71599492408849a5eeb7a56278f3d50a3417971c8d1b388fc550731aa30037
-
SSDEEP
98304:z2xA9DMbJcioxcKK2SewFiYCJc7vfmIAh19DMbJcioxcKK2SewFiYCJc7vfmIqNn:ytAAqMsiD6Gu
Score 7/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Legitimate hosting services abused for malware hosting/C2
-
Target
PID Key Checker/pidgenx.dll
-
Size
914KB
-
MD5
ffb5324cc79cbb606111af59a0d68a15
-
SHA1
46d7498c8a280788fdc6cb8825983f9097706c9b
-
SHA256
57676bb6edeb34a66e24a3d4a7c56a16ddc92522a24097c6e94d7f702923c3ff
-
SHA512
6dd7853f974178dec92c295882d3b9a0f357d54dba3186826282edb3c1af4a25db9c10944b73bf2194cce830bec4068950aafb7d08d54072a5f44d889bffccaf
-
SSDEEP
24576:gxqa6ZSrEbXZsJPs7QmZgHwhqB4Fxc89Jd:pZSriXSJPs7dyfUcY
Score 3/10
-
Target
PID Key Checker/wyUpdate.exe
-
Size
434KB
-
MD5
37c753d5ab2dba14e7b7e1dc56b87c27
-
SHA1
d6dfd70d391c4814ce8c4f2e8bf0c41e7deed1ee
-
SHA256
aa71c676499260ed07b6b0e54aff155ad8e46b49aee933e90b5ff4dd098aadb6
-
SHA512
0c96bfad6192c6a6d652ff7d4bd93bb13d7fd27e6ccc9a6200c235c833e5340d8e6d8f10937396a9c39b06dbb41a27348d031d55e3b8baa50cdcacaaffff41db
-
SSDEEP
6144:YFnJRm+efxgsQWc2m8snsIa9rRLKX5Z1BfZ9e58UoEFXtf79VMUHZZgBRflKXB:YFnXmrsWcRIKf1sNo+gUHZmVsR
Score 6/10
Legitimate hosting services abused for malware hosting/C2
-