Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
nicetokissthebestthingsiwantotgetmebackwith.hta
-
Size
130KB
-
Sample
241017-rcnzwszgkc
-
MD5
b581033fd1ba02c7724802d3ccda9b5b
-
SHA1
ad4484b11cfd436200542cc8e4fbaebcb7491bf8
-
SHA256
008009858f9248a8d5f220f5f4a999438ec8c6218e97560ccde06b35cebd3fe4
-
SHA512
12c49b5ace4caf4ee56726ab8c19ace2e95f5a8c5478edd9f3076dcd3a659f6aa0240fbad95083657512cb22a4d8c5d0f57c1374e1dddc90f7f56389daac8d47
-
SSDEEP
192:Ea2xiqX85ziqI8o33MAEyNiqIiqaH8niqyCT:UxR85za88MZ0Kw8nX
Static task
static1
Behavioral task
behavioral1
Sample
nicetokissthebestthingsiwantotgetmebackwith.hta
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
nicetokissthebestthingsiwantotgetmebackwith.hta
Resource
win10v2004-20241007-en
Malware Config
Extracted
https://raw.githubusercontent.com/CryptersAndToolsOficial/ZIP/refs/heads/main/DetahNote_V.jpg%20
https://raw.githubusercontent.com/CryptersAndToolsOficial/ZIP/refs/heads/main/DetahNote_V.jpg%20
Targets
-
-
Target
nicetokissthebestthingsiwantotgetmebackwith.hta
-
Size
130KB
-
MD5
b581033fd1ba02c7724802d3ccda9b5b
-
SHA1
ad4484b11cfd436200542cc8e4fbaebcb7491bf8
-
SHA256
008009858f9248a8d5f220f5f4a999438ec8c6218e97560ccde06b35cebd3fe4
-
SHA512
12c49b5ace4caf4ee56726ab8c19ace2e95f5a8c5478edd9f3076dcd3a659f6aa0240fbad95083657512cb22a4d8c5d0f57c1374e1dddc90f7f56389daac8d47
-
SSDEEP
192:Ea2xiqX85ziqI8o33MAEyNiqIiqaH8niqyCT:UxR85za88MZ0Kw8nX
Score10/10-
Blocklisted process makes network request
-
Evasion via Device Credential Deployment
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Legitimate hosting services abused for malware hosting/C2
-