Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
173f9f23f6261a8b7a243e60f1375e79396ec5b3eab5330173088d5a5bb4b0c1N
-
Size
1.4MB
-
Sample
240930-yx8clatapn
-
MD5
2ed5a214f96d2c1cab7979e824e77d60
-
SHA1
cf8af03123ccb03578f8824526c9fc15f185b25d
-
SHA256
173f9f23f6261a8b7a243e60f1375e79396ec5b3eab5330173088d5a5bb4b0c1
-
SHA512
010c391bace723f10248c19c84942277b953aede6192584da14b95ac2e0c54d7545fc91b739e06617ad638259ff3720ba2140f3a6a9294e736c625d64475cb76
-
SSDEEP
24576:L8dvIOVmW6AbPsArkueRKmV3sNlHXdmMovDevm:LowONbkBuyKmBs7YjS+
Static task
static1
Behavioral task
behavioral1
Sample
173f9f23f6261a8b7a243e60f1375e79396ec5b3eab5330173088d5a5bb4b0c1N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
173f9f23f6261a8b7a243e60f1375e79396ec5b3eab5330173088d5a5bb4b0c1N.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
173f9f23f6261a8b7a243e60f1375e79396ec5b3eab5330173088d5a5bb4b0c1N
-
Size
1.4MB
-
MD5
2ed5a214f96d2c1cab7979e824e77d60
-
SHA1
cf8af03123ccb03578f8824526c9fc15f185b25d
-
SHA256
173f9f23f6261a8b7a243e60f1375e79396ec5b3eab5330173088d5a5bb4b0c1
-
SHA512
010c391bace723f10248c19c84942277b953aede6192584da14b95ac2e0c54d7545fc91b739e06617ad638259ff3720ba2140f3a6a9294e736c625d64475cb76
-
SSDEEP
24576:L8dvIOVmW6AbPsArkueRKmV3sNlHXdmMovDevm:LowONbkBuyKmBs7YjS+
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-