General
Target: latest.zip
Size: 81.9MB
Sample: 240914-zd736avcpq
MD5: f266a3c137e1c74eb2077b0b9e9f24d9
SHA1: b7abed10e48b39a7207cc640252aba50fadcf39c
SHA256: 9ff7d5dcacc3d3b623836810fbb64bc738758a53b87b752e80b37be17bcd47df
SHA512: 91ae360239981cf2088cbb192e714f7446ceeca0f738e65caad2fd350d2507e3eb45d78789f248f69bfa53445ebe16165ae1aab3aa7fb2fa14fcaea5117d3d0d
SSDEEP: 1572864:TW848IhxTPqxAelg2PUQFQ1/+xS88+FaePji0kR17NCfqq1/CnskKSC4KcC:u8iUv9Q12xS8/R81ICqMnTy

Static task: static1

Behavioral task: behavioral1
Sample: Flarial.Launcher.exe
Resource: win7-20240903-en

Behavioral task: behavioral2
Sample: Flarial.Launcher.exe
Resource: win10v2004-20240802-en

Behavioral task: behavioral3
Sample: Flarial.Minimal.exe
Resource: win7-20240903-en

Behavioral task: behavioral4
Sample: Flarial.Minimal.exe
Resource: win10v2004-20240802-en

Malware Config
Targets

Target: Flarial.Launcher.exe
Size: 220.1MB
MD5: 7ed175b5d2d520c969169c79da48105c
SHA1: 88680faf5a74f8ec70e398a0c4185c821ebbecf4
SHA256: 5558301f81bb5514bad249d94bfef2170847857b748b23ba72c1fefcdda5d773
SHA512: 7413c7353a1c35c33beb141a41ee35b1ec9a7d42dfd90fc2bb2bbe958a62cf96b2c96bcca8ac9fd0a5bdccdb4bd2d7eaed08a005ee1068d1bfac3d5c60c1029f
SSDEEP: 1572864:RPKf3YHOOksN7FIUo1tVj786tRjc4KI4j4Pnr:RSf3YRkURIUo1tVj782iTcz
Score: 8/10
- Downloads MZ/PE file
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2

Target: Flarial.Minimal.exe
Size: 108KB
MD5: de3c444d2ad0732b8ca69e642e0cb2cc
SHA1: adff35bbaa0e9e7debb54660f2d49443d4e4f782
SHA256: 8369ed0d7b39c6ef6cf953658ba82b3df1997ded31ae57548173dc4c4ebe8a26
SHA512: cac304c03e9304d11871fd2c3ab163ea1b1fe086437652bc87e7f40f687f21fb5210814f1d6486352cadd22f6b7b12eb121210cb72673e40f715ee3e78eba6bb
SSDEEP: 1536:qPTLuWwfmBXPPjffxBp0HdpDFnz0STlmylkRM6ngypZ6AWO:q3uiVjhBp09pD9Jl/lkHZpZ6A
Score: 6/10
- Legitimate hosting services abused for malware hosting/C2