General
Target: thorium_AVX2_mini_installer.exe
Size: 176.5MB
Sample: 241221-sq4syasjhq
MD5: 0c9631215e5c59f7fee9f77fe6546d34
SHA1: 45aed1c72e51d1eeaa8105938e80a38808961f3a
SHA256: 9ef8fae12b8291f3de3a53c0e30b71d1a6684dc1607668f577334d67e1038c31
SHA512: 04fe163f3d158a0a3df3e5ee89c96c481ae634b543ab32fcc745519fae39a929db8d93e45a15f38873c6b03e43903d5dcf15aee1f5428cc42530126086836868
SSDEEP: 3145728:+dDjbjAMpiIQirB/NF8yZiC5HSuQ+N/2q+y3LCaGclmtLIWJuRaQ9T4nITY:+dDHjAMpWkfGqiSHvMoLCaGYCI4MaMgU
Static task: static1
Behavioral task: behavioral1
Sample: thorium_AVX2_mini_installer.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: thorium_AVX2_mini_installer.exe
Score: 7/10

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

Executes dropped EXE

Loads dropped DLL

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

Checks system information in the registry
System information is often read in order to detect sandboxing environments.