General
-
Target
e70f2cd3ecc01f5978be67c96c3a994e.zip
-
Size
38KB
-
Sample
240902-b61yjsyhmb
-
MD5
021aad7eac2dfe927f1259f1556e881d
-
SHA1
770bfbbc8d6db23409cc3bfb8a01654263b072d6
-
SHA256
345dcbd65c098bfb7011ee6b54563bc540f1749b1fcfbf9a7b759299be04d12a
-
SHA512
be546087651ed4b72509d30acc468eb6128609ee3facca79540dfeaa2f55146baf0392450caedc8d1bb0b5b1e037561bd7e30f7620824fed49cb62b692d1554d
-
SSDEEP
768:TWjQmkC/5LPTb0DMiYtTweY8Q7iw6Apzai97Jofe0:uhkC/5jTwQbFwt6ApbKff
Static task
static1
Behavioral task
behavioral1
Sample
e7d16c400ee858a5ba28e94e59da041dbd8ef9efaf6f77ec11fa262876556c98.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
e7d16c400ee858a5ba28e94e59da041dbd8ef9efaf6f77ec11fa262876556c98.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
e7d16c400ee858a5ba28e94e59da041dbd8ef9efaf6f77ec11fa262876556c98
-
Size
140KB
-
MD5
e70f2cd3ecc01f5978be67c96c3a994e
-
SHA1
2f1e6ddaf066f6d9f9100041dd4a7bf2a16d02fe
-
SHA256
e7d16c400ee858a5ba28e94e59da041dbd8ef9efaf6f77ec11fa262876556c98
-
SHA512
4571f82fa212d11d971b547807781ba9f50261d9c88ec3736f6805ecacaf54b138681c2692e4c9f6b5d5d92f26ebcbc41aa7cc0acaef0f79299cf2a2033be92e
-
SSDEEP
1536:MEsyxfSBqE63VIf33YaV9r6C8b5f7rLk8YhJ/gnhSqHX4ixExm:MEsm6B56Of3RV9+C8b5vhSqHX4ixE
Score 8/10
-
Drops file in Drivers directory
-
Manipulates Digital Signatures
Attackers can apply techniques such as modifying certain DLL exports to make their binary seem valid.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Drops file in System32 directory
-