Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
28077b9fc0a3c230acec87246ba45ce6ec5037a26c304bd0160f1d489344faf2.exe
-
Size
559KB
-
Sample
250102-bdvk3awqem
-
MD5
36bc17eaa400cce566f480f8415c9305
-
SHA1
be0e76f8dbaba413810135f7b99f75d68d6e1158
-
SHA256
28077b9fc0a3c230acec87246ba45ce6ec5037a26c304bd0160f1d489344faf2
-
SHA512
954ce916fc83570dd7a496146c31cf56ae99036216838d7269b68b96c88452b60fe7a2f3a49a783c93a581a6f1e44ca6c3452dcade8cd4305d2e2b87fd8dba74
-
SSDEEP
12288:x+xOrozCCYaCphtIYJb6lzOqPpFOblme0pLLsbii9cWDeO7HtoNmKzoSw:COEzCFaCpAYJbwzOqPUlvOsmi9c8Sle
Behavioral task
behavioral1
Sample
28077b9fc0a3c230acec87246ba45ce6ec5037a26c304bd0160f1d489344faf2.exe
Resource
win7-20241010-en
Malware Config
Targets
-
-
Target
28077b9fc0a3c230acec87246ba45ce6ec5037a26c304bd0160f1d489344faf2.exe
-
Size
559KB
-
MD5
36bc17eaa400cce566f480f8415c9305
-
SHA1
be0e76f8dbaba413810135f7b99f75d68d6e1158
-
SHA256
28077b9fc0a3c230acec87246ba45ce6ec5037a26c304bd0160f1d489344faf2
-
SHA512
954ce916fc83570dd7a496146c31cf56ae99036216838d7269b68b96c88452b60fe7a2f3a49a783c93a581a6f1e44ca6c3452dcade8cd4305d2e2b87fd8dba74
-
SSDEEP
12288:x+xOrozCCYaCphtIYJb6lzOqPpFOblme0pLLsbii9cWDeO7HtoNmKzoSw:COEzCFaCpAYJbwzOqPUlvOsmi9c8Sle
-
Darkcomet family
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-