General
Target: 20082024090918082024MSCU5149009.7Z
Size: 723KB
Sample: 240820-m1v1ws1hql
MD5: db75a0af04e4cf6f1bd70f72e34ab169
SHA1: d26f1a63469ac2757913c50cb0967294547c5a5a
SHA256: 4cf6420a44a75abd889dbccbbce49eab540bcd2ee7c8a75346ee6c910a98c6d2
SHA512: 69d6142a46c55374448654ddb4f21f41a096ef068f73568be7aa7e48ffd4bbf7b7723ab3af47aad8cc7f63d755a5cc9a865f7b55391575723f4594bab1d90062
SSDEEP: 12288:ttNrhcWBH8dAse2Z5YNevvfdsUm/ArNF4wSXmRqqUMXB2ZMdbq5HSt/OSt:phmdAsHOsHFOIrNKXXybXB2ZONt/Oi
Static task: static1
Behavioral task: behavioral1
Sample: MSCU5149009.exe
Resource: win7-20240705-en
Malware Config
Targets
Target: MSCU5149009.exe
Size: 772KB
MD5: aab0120a6b51c6ed13d3898a39873fad
SHA1: 6170878e2a3c856a0eaa18c7e5794d09f447bfb5
SHA256: 5c07ec6bee1771f53b2c52e01e8b2531c8991a71f927596cfccab590b7baffc0
SHA512: 95af02a56cc7c5e2b082b7939ac4430857c26bafc92a84e07ad88a8ba964212b8aa3b3dfa007b49fcd12a0c33052245d4192fa9bd693f9a2985fb31d8621c893
SSDEEP: 12288:kS8Vuk89Q7upy9iiRZYbfqa2uVpElpTcTkfq+OoRFPvz8q+zs0R6:0AD9UZYrqa5Gs2FXz8ho

Command and Scripting Interpreter: PowerShell
Run PowerShell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Suspicious use of SetThreadContext