Static task: static1
Behavioral task: behavioral1
Sample: 4684ed29993f94294385dd0e30b0a3228f20f4d867fe8e2b91e27456e1ac7291.exe
Resource: win7-20241023-en
Behavioral task: behavioral2
Sample: 4684ed29993f94294385dd0e30b0a3228f20f4d867fe8e2b91e27456e1ac7291.exe
Resource: win10v2004-20241007-en
General
Target: 4684ed29993f94294385dd0e30b0a3228f20f4d867fe8e2b91e27456e1ac7291
Size: 1.5MB
MD5: a287ee08d969e3069191497790366824
SHA1: 8b461d3521e08c31822137ad87202e67a3f231c4
SHA256: 4684ed29993f94294385dd0e30b0a3228f20f4d867fe8e2b91e27456e1ac7291
SHA512: 3ffb7169a9ba9c97549f8b9e1d4efaac2b5e8375c553e9164841a571ea08d4f158d36345fbdd3104940c9aa8aa1b60f69efe95bfdbf74842e52b2ab9f8b22c2e
SSDEEP: 24576:/WHd6k7pY1gqELvNR4zugCNvbgk50Au3i0r41aBilXICEp1mPYIoFeitY:jaIgqETNR4zbCFpG/341aUlYCEp4YFFC
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource: 4684ed29993f94294385dd0e30b0a3228f20f4d867fe8e2b91e27456e1ac7291
Files
4684ed29993f94294385dd0e30b0a3228f20f4d867fe8e2b91e27456e1ac7291.exe windows:4 windows x86 arch:x86
739aace5cca7ec9b4956d02384a9e84d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntdll: NtQueryKey
ole32: CoGetStandardMarshal
ws2_32: WSCUnInstallNameSpace
kernel32: GetCurrentThread, GetCurrentProcess, GetFileAttributesA
user32: GetDesktopWindow
Sections
.text (Size: 1.4MB, Virtual size: 1.4MB): IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata (Size: 512B, Virtual size: 4KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data (Size: 512B, Virtual size: 275B): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc (Size: 512B, Virtual size: 512B): IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE