General
Target: 4964fbd0316122cd1ad6d2d60ae9c9e0N.exe
Size: 500KB
Sample: 240819-mgsresscjl
MD5: 4964fbd0316122cd1ad6d2d60ae9c9e0
SHA1: 10e7d488ddef3b80bb9c30c769862e8671199d22
SHA256: 7985ab3d836824881ff27765286ae0e6b050cd175c500776fd9cac280b92918d
SHA512: e75007b40af655f08339c493919ef64374d95cb963966bf27d852a568200b862de32a06290ff3b5477f852eba98b96e5a14426496de366c34cf346cd8e9e775b
SSDEEP: 12288:CcuA7U+EljXJBh+tli2vklUHM13sfoBjW44:CcuA7U+85BCl/cSHMlsujR4
Static task: static1
Behavioral task: behavioral1
Sample: 4964fbd0316122cd1ad6d2d60ae9c9e0N.exe
Resource: win7-20240708-en
Malware Config
Targets
Target: 4964fbd0316122cd1ad6d2d60ae9c9e0N.exe
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Checks computer location settings
    Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Drops desktop.ini file(s)