General
Target: Orbit.exe
Size: 6.1MB
Sample: 241003-x4pndswcpc
MD5: c5a284f86ab09705d740e078dd2234fa
SHA1: a687b49998e60b6f1007c1efb439f43a76751c0d
SHA256: c518dd0c733979d19342438ebdcbb2b4048db263f7bcf109dded1ae040d1e8dd
SHA512: f45d47c679ff37e0eb323ade59ff5537668f2f1481af490d0ff05679705ea238f2cdbd2f22b8262eb815e78ed1c2766dadae2a7f2beaf77b1700c8c8787e168a
SSDEEP: 98304:SCkUQdmsBO5sw/utgKOK7bev58rxc3rsUwyIO3ZCpbyCzPw:wZmAIWtrPa8r63rsNyIIZC1yIY
Static task: static1
Behavioral task: behavioral1
Sample: Orbit.exe
Resource: win10-20240404-en
Malware Config
Targets
Target: Orbit.exe
Score: 7/10
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger