Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
PqHR.exe
-
Size
703KB
-
Sample
240828-ygdhaavark
-
MD5
7f0bde5df6ebbdceeda83413fc738320
-
SHA1
0b56f2596dc7a7a98d0658fa713c390fc13e3b58
-
SHA256
3220d05370089858afc641382a81dd7e36ee4ad2061addfaf9d70b966e20b718
-
SHA512
65b54ebaeeb4738043de99d0b0426a734f1b5aef4b1060824f9483c61a68d71f3d7386e2673c8b6578f1decbd0d18ca31df3026101304b200e91770a2b3794d1
-
SSDEEP
12288:6mdn4uUeOJon2ftsknVYzi9FCqW+mizBu0LbDcrnsCQYF9eNQvnoj/TY9VNh6T+6:6gTOJCciUPFCqTmiVt/crnbF9eKnM0V/
Static task
static1
Behavioral task
behavioral1
Sample
PqHR.exe
Resource
win7-20240729-en
Malware Config
Targets
-
-
Target
PqHR.exe
-
Size
703KB
-
MD5
7f0bde5df6ebbdceeda83413fc738320
-
SHA1
0b56f2596dc7a7a98d0658fa713c390fc13e3b58
-
SHA256
3220d05370089858afc641382a81dd7e36ee4ad2061addfaf9d70b966e20b718
-
SHA512
65b54ebaeeb4738043de99d0b0426a734f1b5aef4b1060824f9483c61a68d71f3d7386e2673c8b6578f1decbd0d18ca31df3026101304b200e91770a2b3794d1
-
SSDEEP
12288:6mdn4uUeOJon2ftsknVYzi9FCqW+mizBu0LbDcrnsCQYF9eNQvnoj/TY9VNh6T+6:6gTOJCciUPFCqTmiVt/crnbF9eKnM0V/
-
Command and Scripting Interpreter: PowerShell
Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-