General
Target: fd85a77b1322ab368cd2e8702cdbecb0N.exe
Size: 400KB
Sample: 240826-clp6zsyfqh
MD5: fd85a77b1322ab368cd2e8702cdbecb0
SHA1: 392848b6b67a19e2aed417b2c472cbe1ab5e3d8e
SHA256: da359c2f4625fcff92e0e8eca9517110b0279957aa0bf9198c9cc34053cebac5
SHA512: 10e55b4069818cc1c45edbd14460d8b14aed4b558e431d107c708f7fdfe3daa30b9d843b981de5306aae216f78f70a616f2396e8dc349dd4ca8f5736e7071672
SSDEEP: 3072:fDNcIFN3tw4QfwmAOMe6UJbVM/vkA9OQzY6eCFs5Juh2v19hlDcfbEdp7uxEo+9l:LJigOTJXYOaFs5Juh819hqkuGh2LeyI
Behavioral task: behavioral1
Sample: fd85a77b1322ab368cd2e8702cdbecb0N.exe
Resource: win7-20240708-en
Malware Config
Targets
Target: fd85a77b1322ab368cd2e8702cdbecb0N.exe
Score: 8/10
Adds policy Run key to start application
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Maps connected drives based on registry
    Disk information is often read in order to detect sandboxing environments.
Suspicious use of SetThreadContext