General
-
Target
51a88b3ddca9383fb41774f44e1263f0N.exe
-
Size
1.1MB
-
Sample
240820-z6k44axflp
-
MD5
51a88b3ddca9383fb41774f44e1263f0
-
SHA1
f364ae968f3559a936126362d867d3615a20d8dd
-
SHA256
eb752c61cfac892e83a69aad91eef9e9d03a67db225deed68c199fef293700f1
-
SHA512
4c3140fd3b1046d8ae4d94862515dc978e9fa1e1108f2173927b50fff1a593632efa49afce02001740ee01956f926a0734261544c7dad5f2848b1cff35ff7502
-
SSDEEP
6144:gL0RQ3YYWEowc1F0G0/VSyfdH75Q+mUTK:gL0RQ3YYWEodmGwH575Z
Behavioral task
behavioral1
Sample
51a88b3ddca9383fb41774f44e1263f0N.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
51a88b3ddca9383fb41774f44e1263f0N.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
51a88b3ddca9383fb41774f44e1263f0N.exe
-
Detect Blackmoon payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Indicator Removal: Clear Persistence
Clear artifacts associated with previously established persistence, such as scheduled tasks, on a host.
-
Power Settings
powercfg controls all configurable power system settings on a Windows system and can be abused to prevent an infected host from locking or shutting down.
-
Drops file in System32 directory
-