Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
4f0ba9092f3cb4cdd6dce1063c63be405148f5b9713a00a450cee684258f71c6N
-
Size
257KB
-
Sample
241013-zbskpaxbpe
-
MD5
cd61032ae7bcdd087a60824958f966a0
-
SHA1
144aa2d9732ccd1c3a71833dbc30cd975e84c6d6
-
SHA256
4f0ba9092f3cb4cdd6dce1063c63be405148f5b9713a00a450cee684258f71c6
-
SHA512
211318757eff85e63cde3cde723b790abce8af1e8b8712acc5569281f925aeca04b3076ada55a0287b1655d68a5ef1c511978be824ba54a148c645d7500df38d
-
SSDEEP
3072:Og9OBT3Be2Q6khQiCCuefXxzk6iGcbPChEdGZFR2obD4CTvek5WNQp0qYutgxbaA:UeC4EwZFoobUk8qp0qpgqOZ
Malware Config
Targets
-
-
Target
4f0ba9092f3cb4cdd6dce1063c63be405148f5b9713a00a450cee684258f71c6N
-
Size
257KB
-
MD5
cd61032ae7bcdd087a60824958f966a0
-
SHA1
144aa2d9732ccd1c3a71833dbc30cd975e84c6d6
-
SHA256
4f0ba9092f3cb4cdd6dce1063c63be405148f5b9713a00a450cee684258f71c6
-
SHA512
211318757eff85e63cde3cde723b790abce8af1e8b8712acc5569281f925aeca04b3076ada55a0287b1655d68a5ef1c511978be824ba54a148c645d7500df38d
-
SSDEEP
3072:Og9OBT3Be2Q6khQiCCuefXxzk6iGcbPChEdGZFR2obD4CTvek5WNQp0qYutgxbaA:UeC4EwZFoobUk8qp0qpgqOZ
Score10/10-
Modifies Windows Defender Real-time Protection settings
-
Stops running service(s)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Windows security modification
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-