General
Target: tg_proX64.exe.v
Size: 70.9MB
Sample: 240919-tpfkdsxfpf
MD5: a15fe81c0d0661a089e2d3d78213d52c
SHA1: 049d9028f66a46d2f5127c1ce44feac95f6581a7
SHA256: d51d112f071390cb95010575572bdf3e0ad0a25b6b4bf83b41d6c59086cfedf7
SHA512: 9bb25d15214ee6d897293bdd8c6e88deb2f8a2d2cf8d74abd4855c56049b09af41016d2d8f827fe072be36e3a1d6e2b19e4b36adc839e3a43e306b688cfcbf47
SSDEEP: 1572864:T8VnWS8+lvp0kdu8RojQ5qATl2iUUeC/oIH4ecuiAxBtg:T8JyM6XjomiReMoIH4eoga
Static task: static1
Behavioral task: behavioral1
Sample: tg_proX64.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: tg_proX64.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: tg_proX64.exe.v
Score: 10/10
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
- Unexpected DNS network traffic destination: Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.