General
Target: 2024092910a28604b483ba7d01d5513d10ee50a4floxificedid
Size: 392KB
Sample: 240930-jlg9psxhrd
MD5: 10a28604b483ba7d01d5513d10ee50a4
SHA1: 317cc69da0bc9d5cb90507d14faf92ecf9a3d65c
SHA256: ed84f99cb5d6e5e343711479801b2f3d62a921b55524508b08d7a902e73d5ad9
SHA512: 4e4ce51a4bb398d8fd5cf02015e642145be5e1d8406f3a04a1878aa57f4f780595ed2b70ea1bfe4e3d8fb85ecc66983233ff81b78b3bec14e92d20810912f926
SSDEEP: 6144:4GPEveLf5Rfb9puSt/jbO/4MvJZju0WBD3HGzBV+UdvrEFp7hKxA8g/:4pAf5Rfb9Z9O/pviBmBjvrEH7z8w
Static task: static1
Behavioral task: behavioral1
  Sample: 2024092910a28604b483ba7d01d5513d10ee50a4floxificedid.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 2024092910a28604b483ba7d01d5513d10ee50a4floxificedid.exe
  Resource: win10v2004-20240802-en
Malware Config
Targets
Target: 2024092910a28604b483ba7d01d5513d10ee50a4floxificedid
- Detects Floxif payload
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.