Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
21a6a30d034ea3bdeb37a2c86f3301086b3de7ea8650d2dccb5d6fc35491cfb2N
-
Size
384KB
-
Sample
241006-k8r8vs1cpf
-
MD5
c6e86ae15b1e3b5ab8a2ad378a308a40
-
SHA1
9c15c0df0c4da014251edffb82b7dbdf1e1f63ca
-
SHA256
21a6a30d034ea3bdeb37a2c86f3301086b3de7ea8650d2dccb5d6fc35491cfb2
-
SHA512
6fffdc485de2bc3b6c1d6d92884ca2b4a50276c308898a57715ab3fe369509b2fd0e4cb4672d3565e626fe36f3cb08c8beeed62b807cbfafb6d599700c59de54
-
SSDEEP
6144:M7Crqta8SeNpgdyuH1lZfRo0V8JcgE+ezpg12:M+987g7/VycgE82
Static task
static1
Behavioral task
behavioral1
Sample
21a6a30d034ea3bdeb37a2c86f3301086b3de7ea8650d2dccb5d6fc35491cfb2N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
21a6a30d034ea3bdeb37a2c86f3301086b3de7ea8650d2dccb5d6fc35491cfb2N.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
berbew
http://viruslist.com/wcmd.txt
http://viruslist.com/ppslog.php
http://viruslist.com/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
-
-
Target
21a6a30d034ea3bdeb37a2c86f3301086b3de7ea8650d2dccb5d6fc35491cfb2N
-
Size
384KB
-
MD5
c6e86ae15b1e3b5ab8a2ad378a308a40
-
SHA1
9c15c0df0c4da014251edffb82b7dbdf1e1f63ca
-
SHA256
21a6a30d034ea3bdeb37a2c86f3301086b3de7ea8650d2dccb5d6fc35491cfb2
-
SHA512
6fffdc485de2bc3b6c1d6d92884ca2b4a50276c308898a57715ab3fe369509b2fd0e4cb4672d3565e626fe36f3cb08c8beeed62b807cbfafb6d599700c59de54
-
SSDEEP
6144:M7Crqta8SeNpgdyuH1lZfRo0V8JcgE+ezpg12:M+987g7/VycgE82
Score10/10-
Adds autorun key to be loaded by Explorer.exe on startup
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-