General
Target: 4303dad4cb3480590f2eee66f8fde1dc889a1c7fc0554a70490e4d72a8e62cd1N
Size: 96KB
Sample: 241010-ef37rsxaqh
MD5: f2ff2f96ede586a0f1646928ca290790
SHA1: 2c25cf0f19628c9c6a66841b434d264d1377ef1d
SHA256: 4303dad4cb3480590f2eee66f8fde1dc889a1c7fc0554a70490e4d72a8e62cd1
SHA512: 32173a7a974ad4c65e6b466d4d4a22a22e2311617d1eb49beb1aad7e95812420320887f500fb9d17d60eb045fe68aa7626660826090b3705e900b5ae52cb222f
SSDEEP: 1536:K9RQSUL4h0B5rGm6cPQ2m+r0RY+TCcdZB5RQ+/iSR5R45WtqV9R2R462izMg3R7o:O6JB5rf6AQk+TFZB5e+RHrtG9MW3+3lo
Static task: static1
Behavioral task: behavioral1
Sample: 4303dad4cb3480590f2eee66f8fde1dc889a1c7fc0554a70490e4d72a8e62cd1N.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 4303dad4cb3480590f2eee66f8fde1dc889a1c7fc0554a70490e4d72a8e62cd1N.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
berbew
http://viruslist.com/wcmd.txt
http://viruslist.com/ppslog.php
http://viruslist.com/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
Score: 10/10
Adds autorun key to be loaded by Explorer.exe on startup
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory