General
Target: Setup_AccountManager.exe
Size: 356.5MB
Sample: 240906-q3ba2szfmb
MD5: ee89d9c23cbd9e3d95186b63036590ba
SHA1: 0c6e60760615292071992df7e1798857ea543de3
SHA256: 1c0cfd2df682cd04b36c2f800d26885cddb2584e2f9ccfa524b5361d7da5e1f0
SHA512: 2c7fee89a07e45610d4130741325890adb21d55d521670af88e4adb7cfd3ca0b4fa4de5ae61de348b3538815146c673abecaf88e8d20f0128fbd5df672280823
SSDEEP: 6291456:kNMAmoa+1xzdLEv/440fyFnyEZ6tZF/sGuNJzO1eNaLtA22s1V1WbauWsrxc1:sNmopxzdLEYrKn+PF/AJzO1JLUgV1gWX
Static task: static1
Behavioral task: behavioral1
Sample: Setup_AccountManager.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: Setup_AccountManager.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: Setup_AccountManager.exe
Score: 7/10

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Drops startup file

Executes dropped EXE

Loads dropped DLL

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

Legitimate hosting services abused for malware hosting/C2

Password Policy Discovery
Attempt to access detailed information about the password policy used within an enterprise network.